Med Info
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a benign medication-reference skill that queries public drug-information APIs; users should avoid PHI and understand its optional API-key and local-cache behavior.
This skill looks coherent for medication-label lookups. Before installing, be aware that queries use external public APIs, avoid entering any patient-specific information, and only provide an OPENFDA_API_KEY if you need higher openFDA rate limits.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Drug names or identifiers may be sent to external medical-information services; including patient details could create privacy exposure.
The skill explicitly expects medication queries and warns against PHI, indicating that query terms may be handled outside the local context through its listed public data sources.
Do not include PHI. Query by drug name or identifiers only.
Use only medication names, RxCUIs, NDCs, or SPL set_ids, and do not include patient names, dates of birth, notes, or other PHI.
If provided, the openFDA key is used in API requests to FDA endpoints.
The script can use an optional openFDA API key from the environment, which is expected for rate-limit increases but is still credential-bearing behavior users should notice.
api_key = os.environ.get("OPENFDA_API_KEY")
if api_key:
params["api_key"] = api_keyProvide OPENFDA_API_KEY only if needed for heavier use, and use a key with the least privilege available for that service.
Optional features may use disk space and retain downloaded public reference data locally.
The script keeps a local cache for public datasets; this is purpose-aligned but means the skill can write persistent files under a user cache directory.
CACHE_DIR = Path(os.environ.get("MED_INFO_CACHE_DIR", os.path.expanduser("~/.cache/med-info")))If desired, set MED_INFO_CACHE_DIR to a preferred location and periodically clear the cache.