Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
HIPAA Patient Comms
v1.0.0
Draft patient-facing communications (appointment reminders, billing notices, follow-ups, recall messages) that avoid HIPAA violations. Flags risky language,...
⭐ 0 · 66 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name, description, templates, and the data fields requested (first name, date/time, phone, etc.) are coherent with a HIPAA-safe patient communications authoring tool. Templates and 'never include' lists align with the stated purpose.
Instruction Scope
The SKILL.md instructs collecting specific patient fields and provides templates and explicit PHI exclusions, which is appropriate. However, it is vague about where those fields come from (user input vs. automated retrieval). The tool list includes read_file and write_file without justification or constraints — this could enable reading local files or records containing PHI, which is outside the explicit guidance and increases risk.
Install Mechanism
Instruction-only skill with no install spec or external downloads. No code files to execute — this is low-risk from an installation perspective.
Credentials
The skill requests no environment variables, credentials, or config paths, which is proportionate. Still, the presence of file I/O tools is a form of environment access that is not justified by the SKILL.md and may permit access to sensitive local data.
Persistence & Privilege
The always flag is false, and there are no install-time actions or modifications to other skills or system settings. The skill does not request permanent presence or elevated platform privileges.
What to consider before installing
This skill appears to do what it says (draft HIPAA-safe patient messages) and the templates are sensible. The main risk is the declared tools: read_file and write_file. Before installing, confirm how the agent platform mediates those file operations and whether the skill will be allowed to read any local files or EHR exports. Prefer a configuration where the agent asks the user to paste or type only the specific allowed fields (first name, date/time, phone, balance) rather than automatically reading files. If file I/O isn't required for your workflow, remove or disable the read_file/write_file tools. Also verify the publisher (homepage and owner) and ensure messages are not sent automatically—require explicit user review/send. If you need stronger assurance, ask the publisher to add explicit SKILL.md instructions that: (1) require the user to provide fields interactively, (2) prohibit automated file or directory scanning, and (3) log and display any file-access attempts for user approval.
Like a lobster shell, security has layers — review code before you run it.
latest: vk9707g8hrbjfjss9gtfkc4cjcx83hpct
Runtime requirements
🏥 Clawdis
OS: macOS · Linux · Windows
