Drug Safety Review
Warn
Audited by ClawScan on May 18, 2026.
Overview
This skill makes strong medical-safety claims that the included implementation does not support, and it ships an unrelated background self-evolution daemon.
Do not use it as a real clinical safety authority without independent verification. If you test it, treat it as a limited demo, avoid real patient identifiers, supply only a least-privilege billing API key, and do not start the auto-evolution daemon.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could incorrectly rely on the tool as comprehensive and miss serious medication risks that are not represented in the small included database.
The documentation markets the tool as a comprehensive, evidence-based medical safety system, but the visible implementation exposes only a small hard-coded set of drugs. In a healthcare context, this mismatch can create unsafe user trust.
README.md: "20,000+ FDA-approved medications" and "200,000+ documented interactions"; scripts/safety_review.py: "DRUG_INFO = { 'warfarin': ..., 'metformin': ..., 'amoxicillin': ..., 'lisinopril': ..., 'simvastatin': ..., 'aspirin': ... }"
Treat this as a limited demo unless the publisher provides the claimed database, validation evidence, and accurate documentation; verify all outputs against authoritative clinical sources.
If launched, the daemon would keep running in the background and repeatedly execute code outside a single medication-review request.
The package includes a long-running auto-evolution loop and changelog language saying autonomous evolution/version upgrades are active, which is not aligned with a user-invoked medication review skill. The supplied install spec does not show it being auto-started, but the capability is present.
auto-evolve-daemon.sh: "while true; do ... python3 scripts/self_evolve.py ... sleep 1800"; CHANGELOG.md: "自主进化系统激活" ("autonomous evolution system activated") and "自动版本升级" ("automatic version upgrade")
Do not run the daemon unless it is clearly documented, opt-in, stoppable, and scoped; the publisher should remove or explicitly disable self-evolution behavior for this skill.
If a user supplies an email, patient identifier, or other sensitive ID, it may remain in a local file despite the documentation implying it is hashed.
The documentation says user IDs are hashed, but the code stores the raw user_id as a JSON key in persistent local trial data.
FAQ.md: "User ID (hashed)"; scripts/safety_review.py: "data[user_id] = {'used_calls': 0, 'first_use': ...}" and "json.dump(data, f, ensure_ascii=False, indent=2)"
Use a non-identifying random user ID, and the publisher should hash or pseudonymize stored identifiers and update the privacy documentation to match the code.
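The storage pattern this finding describes, beside a pseudonymized alternative, as an added example written for this review and not the skill's own code. It assumes a JSON trial-data file keyed by user (as the quoted line suggests), a constructed sample identifier, and a per-install secret held in a separate owner-only key file; the file names, function names and timestamp are hypothetical.

```python
import hashlib
import hmac
import json
import os
import secrets
import tempfile

# Constructed sample identifier: the kind of value a user might hand the skill.
SAMPLE_USER_ID = "alice@example.org"
FIRST_USE = "2026-05-18"  # hypothetical stand-in for whatever timestamp the skill records


def _load(path):
    if not os.path.exists(path):
        return {}
    with open(path, encoding="utf-8") as f:
        return json.load(f)


def _save(path, data):
    with open(path, "w", encoding="utf-8") as f:
        json.dump(data, f, ensure_ascii=False, indent=2)


def record_use_raw(path, user_id):
    """The pattern the finding describes: the identifier itself is the JSON key,
    so an email or patient ID is written to disk verbatim."""
    data = _load(path)
    entry = data.setdefault(user_id, {"used_calls": 0, "first_use": FIRST_USE})
    entry["used_calls"] += 1
    _save(path, data)
    return entry["used_calls"]


def load_or_create_key(key_path):
    """Per-install secret kept in a separate, owner-only file (hypothetical
    layout). Without a secret, a plain SHA-256 of an email is still reversible
    by guessing candidates and comparing hashes."""
    if os.path.exists(key_path):
        with open(key_path, "rb") as f:
            return f.read()
    key = secrets.token_bytes(32)
    with open(key_path, "wb") as f:
        f.write(key)
    os.chmod(key_path, 0o600)
    return key


def pseudonym(user_id, key):
    """HMAC-SHA256 keyed pseudonym: stable for the same user and key, so usage
    counters keep working, but the stored key reveals nothing about the input."""
    return hmac.new(key, user_id.encode("utf-8"), hashlib.sha256).hexdigest()


def record_use_pseudonymized(path, key_path, user_id):
    """Hardened variant: only the pseudonym reaches the trial-data file."""
    key = load_or_create_key(key_path)
    data = _load(path)
    entry = data.setdefault(pseudonym(user_id, key),
                            {"used_calls": 0, "first_use": FIRST_USE})
    entry["used_calls"] += 1
    _save(path, data)
    return entry["used_calls"]


def file_mentions(path, needle):
    """Check to run against an existing trial-data file: does the raw
    identifier appear anywhere in it?"""
    with open(path, encoding="utf-8") as f:
        return needle in f.read()


def demo():
    """Run both variants twice in a scratch directory and report what leaked."""
    with tempfile.TemporaryDirectory() as tmp:
        raw_path = os.path.join(tmp, "trial_raw.json")
        safe_path = os.path.join(tmp, "trial_safe.json")
        key_path = os.path.join(tmp, "pseudonym.key")
        record_use_raw(raw_path, SAMPLE_USER_ID)
        record_use_raw(raw_path, SAMPLE_USER_ID)
        record_use_pseudonymized(safe_path, key_path, SAMPLE_USER_ID)
        calls = record_use_pseudonymized(safe_path, key_path, SAMPLE_USER_ID)
        return {
            "raw_file_leaks_id": file_mentions(raw_path, SAMPLE_USER_ID),
            "safe_file_leaks_id": file_mentions(safe_path, SAMPLE_USER_ID),
            "safe_counter_after_two_uses": calls,
        }


if __name__ == "__main__":
    print(demo())
```

The keyed construction matters more than the hashing itself: a documented "hashed" user ID that is an unsalted digest of an email can be confirmed by anyone who obtains the file and hashes a guessed address, which is why the key lives outside the data file.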
Users may misunderstand what credentials are needed or which key is being sent to the billing provider.
Billing credentials are purpose-aligned and disclosed in documentation, but the registry does not declare them and the documented variable names differ from the code.
metadata: "Required env vars: none" and "Primary credential: none"; README.md: "SKILL_BILLING_API_KEY" / "SKILL_ID"; scripts/safety_review.py: "API_KEY = os.environ.get('SKILLPAY_API_KEY', '')" and "headers = {'X-API-Key': api_key, ...}"
Verify the exact billing environment variables before use, provide only a least-privilege billing key, and ask the publisher to align registry metadata, docs, and code.
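One way to run the "verify the exact billing environment variables" check before use, added here and not part of the skill: it extracts the environment-variable names a script actually reads and compares them with the names the README and the registry declare. The README set, registry entry and script excerpt below are constructed stand-ins built from the evidence quoted above, not the skill's files, and the function names are hypothetical.

```python
import re

# Constructed stand-ins for the three artifacts the finding compares. The
# registry entry and README names follow the quoted evidence; the script
# excerpt is only the lines the finding cites, not the whole file.
REGISTRY_METADATA = {"required_env_vars": [], "primary_credential": None}
README_ENV_VARS = {"SKILL_BILLING_API_KEY", "SKILL_ID"}
SCRIPT_EXCERPT = """
import os
API_KEY = os.environ.get('SKILLPAY_API_KEY', '')
headers = {'X-API-Key': api_key, 'Content-Type': 'application/json'}
"""

# Matches the common read forms: os.environ.get('X'), os.environ['X'],
# os.getenv('X'), and the same without the os. prefix.
_ENV_READ = re.compile(
    r"""(?:os\.)?(?:environ(?:\.get)?|getenv)\s*[\[(]\s*['"]([A-Za-z_][A-Za-z0-9_]*)['"]"""
)


def env_vars_read(source):
    """Names the code actually reads from the environment, deduplicated."""
    return sorted(set(_ENV_READ.findall(source)))


def compare(code_vars, readme_vars, registry_vars):
    """Three-way diff between what the code reads, what the README documents,
    and what the registry declares. Any non-empty mismatch set is a finding."""
    code, doc, reg = set(code_vars), set(readme_vars), set(registry_vars)
    return {
        "code_reads": sorted(code),
        "documented_but_unread": sorted(doc - code),
        "read_but_undocumented": sorted(code - doc),
        "read_but_not_in_registry": sorted(code - reg),
    }


def which_are_set(env, names):
    """Of the candidate names, which are present and non-empty in the given
    environment mapping (pass os.environ for the real shell)."""
    return sorted(n for n in names if env.get(n))


def audit():
    """Run the comparison over the constructed stand-ins."""
    return compare(env_vars_read(SCRIPT_EXCERPT), README_ENV_VARS,
                   REGISTRY_METADATA["required_env_vars"])


if __name__ == "__main__":
    import os
    result = audit()
    print(result)
    # Which of the documented and code-read names would actually be sent
    # from this shell, if any.
    candidates = set(result["code_reads"]) | README_ENV_VARS
    print("set in this environment:", which_are_set(os.environ, candidates))
```

For a real check, point `env_vars_read` at the contents of every script in the package rather than the excerpt; a key exported under the README's name but never read by the code is harmless, while a key the code reads under a name the docs never mention is the one that actually leaves the machine in the `X-API-Key` header.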
