ClawHub

DeepRead Medical Records

v1.0.0

Extract structured data from medical records, lab reports, prescriptions, and clinical documents. Pre-built schemas for patient info, diagnoses, medications,...

0· 47·0 current·0 all-time
byDeepRead.tech@uday390
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the declared runtime behavior: the skill sends clinical documents to an external extraction API and returns structured JSON. The single required env var (DEEPREAD_API_KEY) is appropriate for this purpose.
Instruction Scope
SKILL.md explicitly instructs POSTing documents to https://api.deepread.tech and polling for results — this is expected for an extraction service. Important: that means PHI/PII will be transmitted off‑host. SKILL.md does not instruct reading unrelated system files. It claims PII redaction/HIPAA compliance and 97%+ accuracy; those are vendor claims and not verifiable from the instructions.
Install Mechanism
Instruction‑only skill with no install spec and no code files — nothing is written to disk by an installer. Lowest installation risk.
Credentials
Only one credential is required (DEEPREAD_API_KEY), which is proportional to a remote API integration. Note: the example Python snippet uses a local API_KEY variable rather than DEEPREAD_API_KEY — be sure the agent uses the declared primaryEnv rather than embedding keys in code.
Persistence & Privilege
always is false and the skill is user‑invocable; it does not request permanent/system‑wide presence or modification of other skills/config. Autonomous invocation is allowed by default but is not combined with other privilege escalations here.
Assessment
This skill appears to do what it says: it will upload documents to api.deepread.tech and return structured data. Before installing or using with real patient records, confirm the vendor's legal/security posture (HIPAA BAA, data retention, encryption at rest/in transit, region), and never hardcode API keys in code or prompts. Test with synthetic data to validate redaction quality, check that the agent actually reads DEEPREAD_API_KEY (not an inlined API_KEY), rotate keys regularly, and ensure contract/permissions are in place before sending PHI to a third party. If you cannot confirm appropriate safeguards (BAA, retention policy, access controls), treat this as a risk to patient privacy and avoid uploading real records.

Like a lobster shell, security has layers — review code before you run it.

latestvk973tbp89t0rf8ws8msrykz2mn8426yc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvDEEPREAD_API_KEY
Primary envDEEPREAD_API_KEY

Comments