Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Firm Medtech Pack

v1.0.0

Curated skill bundle for medical device companies, digital health startups and pharma R&D teams. Activates the firm pyramid with RA (Regulatory Affairs), Cli...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared purpose (a firm bundle for RA/Clinical/Quality workflows) matches the prompts and recommended companion skills (firm-orchestration, pdf parsing, audit tools). However the SKILL.md references a persistent workspace (~/.openclaw/workspace/medtech-firm) and enforcement variables (SECURE_PRODUCTION_MODE, AUDIT_ENABLED, POLICY_BLOCKED_TOOLS) that are not declared in the skill metadata, which is an inconsistency between claimed operational needs and the declared requirements.
Instruction Scope
Runtime instructions recommend running npx clawhub@latest install ... (downloading/installing other packages) and reference specific workspace paths and enforcement flags. The skill asks users to enforce anonymization and audit settings but does not provide an automated or declared mechanism to do so. It also lists tools (sessions_send, sessions_spawn, sessions_history) that enable session-level actions — expected for orchestration but worth noting because these increase what the agent can do if invoked.
Install Mechanism
The skill itself has no install spec or code files (instruction-only), which minimizes direct install risk. However it explicitly recommends running npx to install multiple companion skills; those commands will fetch code from registries and should be reviewed before execution. The skill does not pin versions (uses @latest), increasing supply-chain/upgrade risk.
Credentials
The SKILL.md effectively requires operational environment flags for safe PHI handling (SECURE_PRODUCTION_MODE=true, AUDIT_ENABLED=true, POLICY_BLOCKED_TOOLS) but the metadata lists no required env vars or config paths. This mismatch means a user could enable the skill without the necessary safety controls. No secrets are requested, which is good, but the omitted declaration of critical safety settings is problematic given the PHI/regulatory context.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide changes. It lists session-related tools which are reasonable for an orchestration bundle but increase the agent's action surface if the agent is allowed to invoke the skill autonomously. This by itself is not a disqualifying concern, but combined with the other inconsistencies it raises the potential blast radius.
What to consider before installing
This skill appears to be a coherent medtech firm bundle, but several important safety controls are only mentioned in prose and not enforced or declared in the metadata. Before installing or using it:

1. Verify and require the safety env vars it mentions (SECURE_PRODUCTION_MODE, AUDIT_ENABLED, POLICY_BLOCKED_TOOLS) and confirm where and how they are enforced.
2. Review any companion packages the SKILL.md recommends installing (npx ... install); inspect their source and pinned versions rather than using @latest.
3. Confirm the trustworthiness of firm-orchestration and the recommended skills (they will be able to run actions and access workflows).
4. Ensure the workspace path and any data the agents will access are appropriately isolated and that anonymization is tested.
5. Ask the author to update the skill metadata to declare required env vars and config paths, so the platform can surface them at install time.

If you handle PHI, treat this skill as requiring additional vetting and do not deploy it in production until the above are resolved.

Like a lobster shell, security has layers — review code before you run it.

