Legal Intake Pilot
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill’s legal intake purpose is coherent, but it asks the agent to collect and persist sensitive legal/medical intake data, use CRM credentials, and push records to legal CRMs without clear scope, approval, or implementation backing for its compliance claims.
Review this carefully before installation. Use it only with mock data until you have scoped CRM credentials, explicit human approval for CRM writes, verified redaction/storage controls, and independent legal/compliance review; do not treat the prompt rules alone as HIPAA or unauthorized-practice-of-law protection.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Incorrect or overly broad agent actions could create or transmit sensitive lead records in a law firm CRM without adequate review.
The skill describes direct writes or submissions to external legal CRM systems, but the artifacts do not define approval gates, field limits, validation, or rollback for these high-impact business records.
**Instant CRM Integration:** Pushes qualified leads directly to Clio, MyCase, or Litify.
Require explicit human confirmation before CRM writes, restrict the connector to least-privilege lead-creation scopes, validate field mappings, and keep audit logs.
A broad or long-lived CRM API key could give the agent more access to firm contacts, matters, or leads than intended.
The setup introduces a sensitive CRM credential even though the registry metadata lists no required environment variables or primary credential, and the artifacts do not specify token scope or permissions.
**Clio API:** Add `CLIO_API_KEY` to your `.env`.
Declare the credential requirement clearly, use a scoped OAuth/app credential or least-privilege API token, store it in a secret manager, and rotate/audit access.
Potential-client legal details, contact information, and medical facts could persist in shared logs or be reused outside the intended intake context.
The skill expects a shared persistent leads log containing sensitive intake data. It mentions redaction for some PHI, but does not define storage boundaries, retention, access control, or how broader legal/contact details are protected.
**PHI Redaction:** Automatically redact SSNs or specific diagnosis text in the shared `leads` log.
Minimize collected data, define retention and deletion rules, enforce access controls and encryption, test redaction, and avoid storing PHI or privileged details in shared agent memory/logs.
A law firm might rely on the skill as if it guarantees HIPAA compliance or UPL prevention when the artifacts do not prove that level of protection.
The package is instruction-only and provides policy text, not an auditable enforcement implementation. Strong claims such as "high-security," "hardened," and "HIPAA-compliant" may cause users to over-trust the skill.
The Legal Intake Pilot is a high-security AI agent ... hardened with ThumbGate ... keeping your logs HIPAA-compliant.
Treat the rules as guidance, not compliance proof; require attorney/compliance review, documented controls, and tested technical enforcement before using it with real clients.
