ClawHub

Medication Safety Advisor

v1.0.3

Use this skill when a clinician, pharmacist, or care coordinator needs to check drug-drug interactions, verify formulary coverage tiers, look up dosing guide...

0· 64·1 current·1 all-time
by@optimusprime19
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (drug interactions, dosing, formulary checks) align with the declared behavior: it uses RxNorm, OpenFDA, and DailyMed and does not request unrelated credentials or system access. The optional FORMULARY_API_KEY is reasonable for live payer queries.
Instruction Scope
SKILL.md instructs the agent to normalize drug names and query public APIs (RxNorm, OpenFDA, DailyMed). This stays within the advertised scope. Important privacy note is present: the skill explicitly warns not to include patient-identifiable information and to obtain a BAA for production use. Because the skill sends drug/allergy text to public APIs, the user must avoid including PHI in prompts or deploy in a HIPAA-compliant environment.
Install Mechanism
No install spec or code files—instruction-only. Lowest risk from an install perspective (nothing written to disk by the skill itself).
Credentials
No required environment variables or credentials; a single optional FORMULARY_API_KEY is declared and clearly scoped to payer formulary lookups. No excessive or unrelated secrets requested.
Persistence & Privilege
Skill is not always-on, does not claim elevated persistence, and does not request modification of other skill or system configs. Agent autonomous invocation is permitted (platform default) but not a red flag by itself.
Assessment
This skill appears internally coherent, but it transmits drug names and allergy data to public APIs — do NOT include any patient identifiers (names, MRNs, DOB, addresses, notes that could re-identify a patient) in queries. For real patient data, only use this behind a HIPAA-compliant deployment and ensure a BAA is in place with any third-party API you rely on (and consider using payer/formulary APIs that support enterprise agreements). Treat the output as informational: the SKILL.md itself contains a clinical disclaimer — always have a licensed clinician/pharmacist verify before prescribing. If you plan to enable live formulary lookups, only supply FORMULARY_API_KEY with minimal required scopes and rotate keys per your security policy.

Like a lobster shell, security has layers — review code before you run it.

latestvk971n6j4my6w8sm1n3rwkryk0983tsmk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments