Clinical Doc Assistant

What to consider before installing or using this skill: - Metadata mismatch: The registry metadata for this package said "no required env vars" while SKILL.md requires FHIR OAuth credentials (client id/secret/token URL). Treat that as a red flag — confirm the manifest before supplying secrets. - PHI risk: If you use the hosted backend or supply CLINICAL_DOC_API_URL to a third party, the skill will transmit the full patient_context to that backend and then to Anthropic's API. Do NOT send real PHI to any third-party backend unless you (a) control the backend, (b) deploy it in a HIPAA-eligible environment, and (c) have appropriate BAAs in place. - Safer options: For testing, set FHIR_SANDBOX_MODE=true and use only synthetic data. If you need production use, self-host backend.py on infrastructure you control, keep ANTHROPIC_API_KEY in a secure store, and ensure logging does not capture PHI. Consider anonymizing or redacting identifiers before sending to an LLM. - Audit the backend: If you will use a hosted instance, review backend.py (it’s included) and confirm it does not persist PHI to logs or DBs, and verify what the hosted operator does with received data. The included backend currently has no DB integration implemented (placeholders), and uses an HTTP POST to api.anthropic.com — that behaviour is expected but sensitive. - Least privilege: Only provide FHIR credentials with scopes limited to minimum read access needed, rotate keys regularly, and restrict network access to trusted endpoints. - If you are unsure: do not provide EHR credentials or real patient data. Use sandbox mode for evaluation and request clarification from the skill author about the manifest/registry mismatch and about where patient_context will be sent in hosted mode.