Medical Dental Appointment Pilot

Warn

Audited by ClawScan on May 10, 2026.

Overview

This healthcare scheduling skill asks for sensitive patient data and appointment-system authority without clear scope, storage protections, or integration boundaries.

Do not use this with real patients unless a clinic has approved the exact scheduling system, account permissions, data fields, log storage, retention policy, and human-review process. Avoid entering SSNs, detailed medical histories, or other sensitive identifiers, and treat the HIPAA and accuracy claims as unverified.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Patients or clinic staff could place sensitive health or insurance information into an unclear persistent log.

Why it was flagged

In a medical or dental context, patient name, insurance, practitioner, and visit reason can be sensitive health information. The artifact does not define what is stored, where the log lives, retention, access controls, or how PHI is reliably excluded.

Skill content

"Ask for the patient's name, insurance provider, and preferred practitioner" ... "identify the reason for the visit" ... "Securely write non-PHI appointment data to the `appointments` log."

Recommendation

Use only with a clinic-approved storage system and explicit data-minimization rules. Define allowed fields, retention, and access controls, and avoid entering detailed histories or identifiers.

What this means

An agent could be given broad clinic account or spreadsheet access without clear limits on what it can read or change.

Why it was flagged

The skill's sync feature implies delegated access to clinic scheduling systems or spreadsheets, but the registry declares no primary credential, required environment variables, or config paths, leaving the account authority and permission boundaries unclear.

Skill content

"Real-time sync with clinic management software (via Google Sheets or API)."

Recommendation

Require a narrowly scoped clinic-approved account, explicit configuration, audit logging, and human approval for appointment creation or changes.

What this means

Scheduling errors or unauthorized log writes could affect clinic operations and patient appointments.

Why it was flagged

Booking and logging are mutating operations, but the artifact does not specify approved tools, destination paths, rollback behavior, or a required clinic-side confirmation step.

Skill content

"Book: Offer available slots and confirm the appointment details." ... "Log: Securely write non-PHI appointment data to the `appointments` log."

Recommendation

Restrict the agent to specific approved scheduling tools and require explicit user or clinic confirmation before any appointment write.

What this means

Users may overtrust the skill for regulated healthcare workflows or assume it is compliant when that has not been demonstrated.

Why it was flagged

The artifact makes strong medical safety, accuracy, and privacy claims, but the supplied package is instruction-only and does not show enforceable HIPAA-grade controls.

Skill content

"handle patient inquiries and book appointments with 100% accuracy" ... "HIPAA-Aware Interaction" ... "Built-in rules to prevent the collection or exposure of sensitive health data"

Recommendation

Treat this as draft workflow guidance, not a HIPAA-compliant system. Require clinic, legal, and security review before use with real patients.

What this means

The skill may depend on additional clinic data files or indexes whose contents and safeguards are unknown.

Why it was flagged

The skill references external data sources that are not present in the manifest, so their provenance, format, and safety rules cannot be reviewed here.

Skill content

"Verify insurer is in the `accepted_plans.json` list" ... "Block any appointment ID already present in the `confirmed_slots` index."

Recommendation

Provide and review all referenced data sources before using the workflow in a real clinic environment.