adverse-event-narrative Security Report — Trusted | ClawSafe

5 /100

adverse-event-narrative

Generate CIOMS-compliant adverse event narratives for Individual Case Safety Reports (ICSR)

Legitimate pharmacovigilance tool that generates CIOMS-compliant adverse event narratives from JSON case data with no malicious behavior detected.

Skill Nameadverse-event-narrative

Duration56.9s

Enginepi

✓

Safe to install

No action required. The skill is safe to use as a text generation tool for regulatory pharmacovigilance workflows.

Findings 1 items

Severity	Finding	Location
Low	Over-declared allowed-tools Doc Mismatch SKILL.md declares 'Bash' in allowed-tools but the implementation uses only Python standard library (json, argparse, datetime) with no subprocess, os.system, or any shell execution. The tool is purely a text processor. `allowed-tools: [Read, Write, Bash, Edit]` → Remove 'Bash' from allowed-tools declaration to accurately reflect that this is a pure text-generation tool with no shell execution capability.	`SKILL.md:7`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	scripts/main.py:240-244 writes output file
Filesystem	`READ`	`READ`	✓ Aligned	scripts/main.py:221-227 reads input JSON
Network	`NONE`	`NONE`	—	No network imports or requests in scripts/main.py
Shell	`WRITE`	`NONE`	✓ Aligned	scripts/main.py uses only Python standard library; no subprocess, os.system, or …
Environment	`NONE`	`NONE`	—	No os.environ access or environment variable reading
Skill Invoke	`NONE`	`NONE`	—	No skill invocation capabilities present
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser/web automation
Database	`NONE`	`NONE`	—	No database connectivity

File Tree

8 files · 38.0 KB · 1270 lines

Markdown 5f · 783L Python 1f · 372L JSON 2f · 115L

├─ ▾ 📁 references

│ ├─ 📝 CIOMS_I_Guidelines.md Markdown 98L · 3.2 KB

│ ├─ 📝 ICSR_Template.md Markdown 101L · 2.4 KB

│ ├─ 📝 MedDRA_Reference.md Markdown 100L · 2.3 KB

│ ├─ 📝 Quick_Reference.md Markdown 63L · 1.4 KB

│ ├─ 📋 sample_case_001.json JSON 91L · 2.9 KB

│ └─ 📋 sample_case_minimal.json JSON 24L · 599 B

├─ ▾ 📁 scripts

│ └─ 🐍 main.py Python 372L · 12.3 KB

└─ 📝 SKILL.md Markdown 421L · 12.9 KB

Security Positives

✓ No network requests or external communication detected

✓ No credential harvesting or environment variable access

✓ No obfuscation techniques (no base64, eval, or atob)

✓ No sensitive file path access (~/.ssh, ~/.aws, .env)

✓ No remote script execution (no curl|bash or wget|sh patterns)

✓ No subprocess or shell command execution in code

✓ Uses only Python standard library with zero external dependencies

✓ Clean, readable code with proper error handling

✓ Legitimate pharmacovigilance use case with regulatory compliance focus

✓ No data exfiltration or C2 communication patterns

Scan Report

Findings 1 items

File Tree

Security Positives