ClawHub
Back to skill
v1.0.0

Firm Medtech Pack

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:13 AM.

Analysis

This instruction-only medtech bundle is not overtly malicious, but it should be reviewed because it uses multi-agent session capabilities for regulated-data workflows while its privacy and compliance safeguards are only described, not enforced.

GuidanceReview this skill carefully before installing. It appears to be a prompt/configuration bundle rather than executable malware, but do not process PHI or regulated submissions with it unless you separately verify audit logging, anonymization, secure storage, and limits on spawned agents and session-history access. Review and pin any companion skills before installing them.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
SeverityMediumConfidenceHighStatusConcern
SKILL.md
pre-configured for FDA/CE compliance...
requires:
      env: []
...
- PHI (Protected Health Information): `SECURE_PRODUCTION_MODE=true` mandatory
- Audit trail required by 21 CFR Part 11: `AUDIT_ENABLED=true`

The artifact makes compliance and PHI-safety claims while also declaring no required environment variables and providing no code or install mechanism to enforce those safeguards.

User impactA user could mistakenly believe HIPAA, audit-trail, anonymization, or FDA/CE workflow safeguards are active when they are only written as guidance.
RecommendationTreat this as a template, not a compliance control. Manually verify secure mode, audit logging, anonymization, and regulatory review processes before using it with regulated data.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
npx clawhub@latest install academic-research
npx clawhub@latest install admet-prediction
npx clawhub@latest install pdf-documents
npx clawhub@latest install arc-security-audit
npx clawhub@latest install firm-orchestration

The recommended companion installs are optional and purpose-aligned, but they use an unpinned latest installer and add additional skills whose behavior is not included in this artifact set.

User impactInstalling the companion skills may introduce new permissions or behavior that are not visible from this review.
RecommendationReview each companion skill separately and pin trusted versions before using them in regulated workflows.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusConcern
SKILL.md
tools:
      - sessions_send
      - sessions_spawn
      - sessions_history
...
npx clawhub@latest install firm-orchestration       # A2A orchestration backbone

The skill declares tools for sending to sessions, spawning sessions, and reading session history, and pairs them with agent-to-agent orchestration for regulated medtech workflows, but does not define identity, permission, or data-boundary controls.

User impactPatient, clinical, or regulatory information could be shared across spawned agents or prior sessions in ways the user may not expect or be able to audit.
RecommendationUse only with explicit approval before spawning or messaging agents, restrict which sessions can be accessed, and avoid sharing PHI until data-flow boundaries are verified.
Memory and Context Poisoning
SeverityLowConfidenceMediumStatusNote
SKILL.md
"workspace": "~/.openclaw/workspace/medtech-firm"

The suggested configuration uses a persistent workspace for medtech work. That is purpose-aligned, but sensitive clinical or regulatory content stored there needs retention, access, and reuse controls.

User impactSensitive documents or summaries may remain in a local workspace and be reused in later tasks if the environment is not configured carefully.
RecommendationUse a dedicated workspace, define retention and deletion practices, and do not store PHI unless the workspace is secured and audited.