Intelligent Triage Symptom Analysis

Security checks across malware telemetry and agentic risk

Overview

This medical triage skill appears functional, but it includes persistent symptom-history storage and a background “self-evolution” daemon that are not safely scoped or consistently disclosed.

Review this skill carefully before installing. Avoid running the auto-evolve daemon, do not rely on the tool for emergency medical decisions, and assume symptom history and user identifiers may be saved locally under ~/.openclaw unless you inspect and control the code.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning
High
What this means

Medical symptom descriptions and related assessment data may be saved locally even though the documentation repeatedly says medical data is not stored on disk.

Why it was flagged

The code stores up to 50 symptom assessments, including assessment input, in a persistent local JSON history file.

Skill content
self.history_dir = os.path.expanduser("~/.openclaw/symptom_history") ... 'assessment': assessment ... json.dump(history[-50:], f, ensure_ascii=False, indent=2)
Recommendation

Install only if you are comfortable with local symptom-history storage; the publisher should clearly disclose when history is saved, provide an opt-in/opt-out, encrypt or minimize stored data, and align the privacy documentation with the code.

ASI06: Memory and Context Poisoning
Medium
What this means

User identifiers may be stored in plain local files despite documentation claiming hashed user IDs.

Why it was flagged

The trial manager stores the user_id directly as a JSON key rather than hashing it.

Skill content
data = self._load_trial_data() ... user_data = data.get(user_id, {}) ... data[user_id] = {'used_calls': 0, 'first_use': datetime.now().isoformat()}
Recommendation

Hash or otherwise minimize identifiers before storage, and update the documentation to accurately describe what is stored.

ASI10: Rogue Agents
High
What this means

If started, this process would continue running outside the immediate user request and could modify or influence the skill over time if the self-evolution logic is expanded.

Why it was flagged

The shell script is an indefinite background loop that repeatedly runs a self-evolution script every 30 minutes.

Skill content
while true; do ... cd $SKILL_PATH && python3 scripts/self_evolve.py >> $LOG_FILE 2>&1 ... sleep 1800
Recommendation

Do not run the daemon unless you explicitly want persistent background behavior; the publisher should remove it or require clear user opt-in, bounded runtime, logs, and a documented stop/uninstall procedure.

ASI09: Human-Agent Trust Exploitation
Medium
What this means

Users may over-trust the triage output for urgent medical decisions.

Why it was flagged

The documentation makes absolute or near-clinical-performance claims for a high-stakes medical triage tool without showing validation evidence in the provided artifacts.

Skill content
Detect red flag symptoms with ≥95% sensitivity ... Never miss life-threatening conditions
Recommendation

Treat the tool as informational only; the publisher should soften unsupported accuracy claims, provide validation evidence, and keep emergency-care disclaimers prominent.

ASI03: Identity and Privilege Abuse
Low
What this means

Billing credentials may be needed after the free trial, and users should understand that the skill can contact the billing provider.

Why it was flagged

The skill uses a billing API key for SkillPay, but registry metadata lists no required environment variables or primary credential.

Skill content
API_KEY = os.environ.get('SKILLPAY_API_KEY', '') ... self.headers = {'X-API-Key': api_key, 'Content-Type': 'application/json'}
Recommendation

The publisher should declare billing credentials and network use in metadata; users should provide only the intended SkillPay key and monitor charges.