Healthcare Lead Generator
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is a healthcare lead-generation workflow, but it directs broad scraping of patient-related health signals and contact data through external services without clear consent, privacy, or compliance boundaries.
Review this skill carefully before use. It may be acceptable for limited B2B healthcare prospecting from public business listings, but avoid using it to identify or target individual patients from health forums or Reddit, and do not rely on its vague HIPAA-related wording as compliance assurance.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this as written could create privacy-invasive healthcare prospect lists or outreach based on sensitive health discussions and public contact data.
The workflow directs broad at-scale scraping and contact extraction, including patient-related health-seeking signals, without clear limits, consent checks, review gates, or platform/legal compliance controls.
Scrape **every clinic, practitioner & wellness business** in any location ... Find **patients actively seeking care** on health forums & Reddit ... Extract **full contact details** — name, phone, email, address
Limit collection to clearly public business listings, avoid targeting individual patients based on health posts, require explicit per-run user approval, document source restrictions, and add compliance/consent safeguards before generating outreach.
Sensitive health-related posts, complaints, or lead details could be processed by third-party services without the user understanding the privacy boundary.
The skill combines multiple external providers with patient-related health signals, but does not define what data is sent to each provider, how it is redacted, retained, or protected.
Powered by: [Apify] + [InVideo AI] + Claude AI ... Reddit Scraper | Patients seeking care, health complaints, treatment questions ... Claude AI | Lead scoring, outreach generation
Clearly disclose all providers and data flows, avoid sending patient-level health content to external AI/video tools, redact or aggregate health signals, and document retention and privacy controls.
A user may over-trust the skill's healthcare compliance posture or generate outreach and promo content that is misleading or inappropriate for regulated healthcare marketing.
The skill uses reassuring healthcare-compliance wording and proposes testimonial-style promotional videos, but the artifact provides no concrete compliance rules, consent model, or safeguards against misleading healthcare marketing.
Generate **HIPAA-mindful personalized outreach** ... Produce **patient testimonial-style promo videos** via InVideo AI
Replace vague compliance claims with concrete guardrails, require human/legal review for healthcare outreach, and prohibit fabricated or misleading patient-testimonial-style content.
Providing these tokens may let the workflow use the user's Apify or InVideo account, quotas, stored configuration, and billing.
The skill asks for third-party API credentials, which is expected for Apify/InVideo usage, but the registry metadata declares no primary credential or required environment variables.
"invideo_api_key": "YOUR_INVIDEO_API_KEY" ... "apify_token": "YOUR_APIFY_TOKEN"
Use least-privilege or disposable tokens where possible, monitor provider usage and billing, and avoid pasting credentials with unrelated account access.