Open Health
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: open-health
Version: 1.0.1
The 'open-health' skill provides a conversational interface for booking mental health appointments through the Klarity Health platform. It uses a bash script (scripts/booking-api.sh) to interact with a legitimate telehealth API (rx.helloklarity.com). Although it collects sensitive PII (Name, DOB, Insurance ID), the SKILL.md includes explicit privacy safeguards and safety protocols, and the data collection is strictly necessary for the stated medical booking functionality.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive health, identity, contact, and insurance information could be retained or exposed outside the intended provider API call.
SKILL.md says the booking payload includes name, DOB, email, phone, and insurance ID. Passing that payload as a command argument and shell variable can expose it to tool transcripts, process listings, or logs, which undercuts the skill's stated no-log/no-store requirement.
book '<json>' ... json="${1:-}" ... curl -s -X POST ... -d "$json"
Use this only if the host agent can avoid saving chats/tool logs for the booking flow. The skill should use a safer input path such as stdin or a dedicated redacting tool, and should document retention and logging limits clearly.
The agent could create a real medical appointment, trigger confirmations, or create cancellation/payment obligations before the user has reviewed all final details.
The instruction moves directly from collecting patient details to the live booking command. The artifacts reference a dry-run mode, but the main workflow does not require a final confirmation or validation step before creating a real appointment.
After the user picks a provider and slot: ... Run: `scripts/booking-api.sh book <json-payload>`
Require an explicit final confirmation that summarizes provider, time, service, payment method, patient details, and any cancellation/cost implications before running the live booking command.
A third-party booking service receives personal health-related and insurance information.
Collecting and sending these details is expected for appointment booking, but it uses sensitive identity and insurance information to act on the user's behalf.
This skill collects patient information (name, DOB, email, phone, insurance ID) solely to complete the booking API call. This data is sent directly to `https://rx.helloklarity.com` over HTTPS
Only provide these details if you intend to book and trust the provider endpoint. Verify the appointment details and avoid using this for emergencies or crisis care.
Users may have less information to verify who maintains the skill or its relationship to the booking provider.
For a healthcare booking skill that sends sensitive patient data to an external service, limited publisher/homepage provenance makes independent verification harder, even though the included helper code is straightforward.
Source: unknown; Homepage: none
Verify the domain and provider relationship before sharing patient information, and prefer a skill version with clearer publisher and support information.
