Protocol Deviation Classifier
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a local clinical-trial deviation classification tool with no evidence of exfiltration, persistence, or destructive behavior, but its automated regulatory-style output should be reviewed by qualified humans.
Before using this skill, verify the local Python code and dependencies, avoid including unnecessary patient or subject identifiers in inputs, and have a qualified clinical/regulatory reviewer validate any classification or report before it is used operationally.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user might treat the generated classification or report as authoritative for trial safety or regulatory purposes.
The skill presents automated classifications and regulatory-style reports for a high-stakes clinical trial compliance context. This is purpose-aligned, but the wording could cause users to over-rely on the output without expert review.
- **Automatic Classification**: Automatically determines severity based on deviation description - **Regulatory Basis**: Classification basis complies with GCP, ICH E6, and FDA/EMA guidelines - **Report Generation**: Generates deviation classification reports that meet regulatory requirements
Use the tool as decision support only, and require review by qualified clinical QA/regulatory personnel before taking action or including results in submissions.
Manual dependency installation could introduce unnecessary third-party package exposure if the environment does not actually need these packages.
The requirements file lists unpinned Python packages that overlap with standard-library modules in modern Python versions. There is no automatic install spec, so this is not evidence of automatic unsafe installation, but users should verify dependencies before manually installing them.
dataclasses enum
Review whether these dependencies are needed for the target Python version and prefer pinned, trusted packages or standard-library imports where possible.