Medical Billing Coder
v1.0.3Use this skill when a clinician, biller, or practice manager needs to look up ICD-10 diagnosis codes, CPT procedure codes, or E&M visit level codes. Takes a...
⭐ 1· 66·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the instructions: suggesting ICD-10/CPT/E&M codes, validating combinations, and checking denials. The optional CMS_API_KEY aligns with the declared purpose (NCCI/fee-schedule validation). No unrelated credentials, binaries, or installs are requested.
Instruction Scope
SKILL.md confines actions to analyzing clinical text and suggesting codes. It warns users not to include PHI and states that when CMS_API_KEY is used only code pairs (not clinical text) are sent. Because this is instruction-only, correct handling of PHI and the CMS API depends on the agent following the prose; consider whether you trust the agent/runtime to enforce de-identification and the 'code-pairs only' behavior.
Install Mechanism
No install spec and no code files — lowest-risk delivery (instructions only). Nothing is downloaded or written to disk by the skill itself.
Credentials
No required environment variables; CMS_API_KEY is optional and appropriate for the stated optional feature. The skill does not request unrelated secrets or system config paths.
Persistence & Privilege
Skill is not always-enabled and has no special persistence or system-wide configuration changes. It is user-invocable and may be invoked autonomously by the agent (platform default), which is expected for skills of this type.
Assessment
This skill appears coherent for advising on codes, but keep these practical cautions before installing or using it: 1) Never paste patient-identifiable PHI into queries — the SKILL.md warns to de-identify, but the runtime must enforce that; confirm your agent/runtime will not transmit PHI. 2) If you set CMS_API_KEY, verify what is actually transmitted (the skill claims only code pairs are sent) and that the API key has appropriate, limited scope; monitor network traffic or review logs if possible. 3) CPT text is proprietary — the skill says it references CPT numbers and common descriptions for advisory use only; do not rely on this for production claim submission without a proper licensed CPT dataset and review by a certified coder. 4) Because this is instruction-only with no code, behavior depends on the agent correctly implementing the steps in SKILL.md — test thoroughly with de-identified examples and cross-check outputs with an experienced coder before using it for billing. 5) The repository/homepage is provided; if you require higher assurance, review that GitHub repo and the author before using in a production environment.Like a lobster shell, security has layers — review code before you run it.
latestvk97060whk382phw7q4raw2zdyn83vwfp
License
MIT-0
Free to use, modify, and redistribute. No attribution required.