ClawHub

PHI Readiness Stages

v1.1.0

Assess the current PHI Readiness Stage (PRS) of a workload, repository, system, or environment; determine HIPAA applicability and role; identify evidence gap...

0· 115·0 current·0 all-time
byNick Ren@nickzren
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the files and runtime instructions. The repository is an evidence-driven PRS assessment framework and does not request unrelated binaries, credentials, or installs.
Instruction Scope
SKILL.md and AGENTS.md instruct agents to load internal framework files, verify official HHS/NIST sources live, and follow strict evidence-handling rules. This is appropriate for assessment work, but reviewers should be aware the workflow expects verification of live external sources and handling of potentially sensitive evidence (the repo includes an evidence-handling guide). Ensure the agent is not permitted to request, store, or transmit raw PHI outside approved channels.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute; nothing is downloaded or written to disk by the skill bundle itself.
Credentials
The skill requires no environment variables, credentials, or config paths. There are no disproportionate secret/credential requests relative to the assessment purpose.
Persistence & Privilege
No 'always: true' privilege and normal autonomous invocation is allowed. The skill does not request system-wide configuration changes or cross-skill modifications.
Assessment
This repo is a documentation-driven PHI-readiness assessment framework and appears internally consistent. Before installing or using it: (1) confirm agent network access and browsing policies for verifying live HHS/NIST sources; (2) do not upload or allow the agent to exfiltrate raw PHI — follow your organization's evidence-handling rules (the repo includes guidance on this); (3) verify that autonomous agent actions are limited to permitted operations (e.g., read repo files, fetch public official links) and cannot transmit sensitive artifacts to unapproved endpoints; and (4) if you expect the skill to handle real evidence, review the framework's 'assessment-evidence-handling' file and enforce strict access/audit controls. Overall, nothing in the bundle appears disproportionate or malicious.

Like a lobster shell, security has layers — review code before you run it.

latestvk975pwxt8em8cxd0sgyq3x0rd1836sxp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments