Redcap Crf Generator
PassAudited by ClawScan on May 9, 2026.
Overview
This skill appears to convert user-provided clinical form documents into REDCap CSV data dictionaries, with only purpose-aligned dependency and external-tool sharing notes.
Before installing or using this skill, run it in a controlled Python environment, review/approve any OCR or Feishu sharing step, and avoid processing sensitive clinical documents unless that destination is permitted by your organization.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing unpinned dependencies can expose the environment to changes in future package versions or compromised packages.
The skill relies on installing Python packages from PyPI, and the documented packages are not version-pinned. This is purpose-aligned for document conversion but still a supply-chain item users should notice.
pip install python-docx lxml markitdown
Install in a virtual environment and consider pinning trusted package versions before use.
Clinical form structure, protocol details, or embedded images could be shared with an OCR tool or Feishu workspace as part of normal operation.
The workflow can route document images through an OCR/image tool and send the resulting CSV via Feishu. This is disclosed and related to the stated task, but it is a third-party/tool-mediated data flow involving potentially sensitive clinical document content.
使用 `image` 工具识别图片内容 ... 通过飞书发送 CSV 文件
Use this only for documents you are allowed to process in those tools, and confirm the Feishu recipient/channel before sending generated files.