Is elmariachi111/fhir-questionnaire safe?

https://github.com/openclaw/skills/tree/main/skills/elmariachi111/fhir-questionnaire

84
SAFE

This FHIR questionnaire skill appears to be a legitimate medical coding tool that helps create healthcare questionnaires using standardized LOINC and SNOMED CT codes. While it requires code execution and network access, these appear necessary for ensuring medical coding accuracy rather than malicious purposes.

Category Scores

Prompt Injection 75/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

MEDIUM Python Script Execution Instructions -20

The skill instructs the agent to execute Python scripts for medical code lookups using commands like 'python scripts/search_loinc.py' and 'python scripts/search_snomed.py'. While this appears legitimate for medical coding accuracy, it represents a code execution risk.

LOW Strong Override Language -15

The skill uses forceful override language like 'NEVER', 'ALWAYS', and 'CRITICAL RULES', which could override user preferences or system instructions, though this appears to be for medical safety purposes.

LOW Network Access Requirements -10

The skill declares specific network access requirements and instructs the agent to stop functioning if network access fails, which could alter expected agent behavior.