Redacta

Pass

Audited by ClawScan on May 1, 2026.

Overview

Redacta is a coherent instruction-only medical redaction skill, but users should remember that raw patient text is still processed by their underlying AI model before redaction.

This skill appears safe and purpose-aligned as an instruction-only redaction aid. Before using it with real patient records, confirm that your chosen AI model/provider and workspace are approved for medical data, and manually review the output because the skill itself says it does not guarantee complete detection.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Patient details may be visible to the AI model session before the redacted output is produced.

Why it was flagged

The skill intentionally places raw medical text and patient identifiers into the agent/model context so they can be redacted. This is central to the skill's purpose, but it involves sensitive health information.

Skill content

When a user shares medical text, scan it for patient identifiers and replace them with pseudonymised tokens.

Recommendation

Use this only with a model and workspace whose data handling, retention, and compliance posture are appropriate for medical information.

What this means

A user might assume the raw medical text never leaves their environment when actual handling depends on the AI model provider in use.

Why it was flagged

The privacy wording is mostly transparent, but users could overread 'locally' or 'No patient data is sent to external services' unless they also account for the underlying model provider caveat.

Skill content

This skill processes text locally within your AI agent session. No patient data is sent to external services. However, the text is processed by the underlying language model — ensure your model provider's data handling meets your organisation's requirements.

Recommendation

Clarify model-provider exposure before entering real patient data, especially in regulated clinical or pharmaceutical settings.