ClawHub

HIPAA Compliance for AI Agents

v1.0.0

Generate HIPAA compliance checklists, risk assessments, and audit frameworks for healthcare AI deployments to ensure data security and regulatory adherence.

0· 730·1 current·1 all-time
by@1kalin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (HIPAA compliance checklists, risk assessments, audit frameworks) matches the SKILL.md deliverables. The skill requires no binaries, env vars, or installs, which is appropriate for a guidance/checklist generator.
Instruction Scope
SKILL.md contains only content-generation instructions (checklists, matrices, timelines) and recommended output formats. It does not instruct the agent to read local files, access environment variables, or transmit data to external endpoints. It includes a few external resource links (promotional), but does not direct runtime data to them.
Install Mechanism
There is no install spec and no code files — this is instruction-only, which minimizes disk write/execute risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. Nothing in SKILL.md attempts to access secrets or unrelated services.
Persistence & Privilege
always:false and user-invocable:true (defaults). The skill does not request permanent presence or modification of other skills or system-wide settings.
Assessment
This skill appears coherent and low-risk because it only generates compliance content and asks for no credentials or installs. Before you use it: (1) Do not paste real PHI into prompts when testing — treat outputs as guidance, not legal advice. (2) Verify citations, statutory references, and fine amounts against authoritative sources or counsel before acting on them. (3) Review the external links and any paid resources before following or purchasing. (4) If you plan to operationalize recommendations (e.g., implement access controls, BAAs, incident response), have your security/compliance team and legal counsel vet and adapt the output to your environment. (5) If you need integrations (automated scans, logging, or deployments), prefer an implementation that requires explicit credentials and review rather than embedding PHI in model prompts.

Like a lobster shell, security has layers — review code before you run it.

auditvk9744kgnbn4pks26avhk5nj3mh816meacompliancevk9744kgnbn4pks26avhk5nj3mh816meahealthcarevk9744kgnbn4pks26avhk5nj3mh816meahipaavk9744kgnbn4pks26avhk5nj3mh816mealatestvk9744kgnbn4pks26avhk5nj3mh816meaphivk9744kgnbn4pks26avhk5nj3mh816measecurityvk9744kgnbn4pks26avhk5nj3mh816mea

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments