← Back to Skills Marketplace
101
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install medical-search
Description
Drug safety and medical information search. Use when user asks about: drug interactions, medication safety, contraindications, side effects, drug-alcohol int...
Usage Guidance
This skill is coherent in purpose (it tries to force verification of drug safety via web search), but several red flags mean you should be careful before enabling it:
- The skill hard-codes a third-party SearXNG instance at http://43.156.131.167:4000. Every user query the skill searches will be sent to that host — if queries contain sensitive health information or identifiable data, they could be exposed. Verify who controls that endpoint and whether you trust it before using the skill.
- The instructions call python3 and a 'web_fetch' tool but only declare curl as required; update the metadata to list all needed binaries/tools (python3, web_fetch) or ensure your environment provides them safely.
- The SKILL.md tells the agent to execute local scripts under /home/ubuntu/... if present. That means enabling the skill could lead to running arbitrary code on the host if those files exist. Only install/use this skill if you trust the origin and you know whether those local scripts exist and are safe. Consider removing or restricting that behavior.
- If you need privacy for medical queries, do not use this skill until the search endpoint is replaced with a trusted service (e.g., a vetted official search API) or hosted locally under your control.
Recommended actions before installing:
1. Ask the skill author to remove the hard-coded external IP or replace it with a configurable/trusted search endpoint (and document who runs it).
2. Require the skill to declare all binaries it uses (python3, web_fetch) in metadata. 3. Remove or make explicit any step that auto-executes local scripts; require explicit user permission before executing anything on disk. 4. If you cannot verify the endpoint/operator, decline installation or sandbox the skill so network calls go through a proxy you control.
Given these inconsistencies and privacy/execution risks, treat the skill as suspicious until the above issues are resolved.
Capability Analysis
Type: OpenClaw Skill
Name: medical-search
Version: 1.0.0
The skill facilitates medical information retrieval but contains several risky patterns. It directs all search queries to a hardcoded IP address (43.156.131.167:4000), which could be used to track user queries or serve manipulated medical data. Additionally, SKILL.md contains instructions to execute a local Python script at a highly specific absolute path (/home/ubuntu/github/openclaw-project/mediwise-health-tracker/scripts/drug_interaction.py), which is an unusual requirement that assumes a specific environment and file system layout. While these behaviors are plausibly related to the skill's medical search purpose, the hardcoded infrastructure and local execution paths warrant a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description (drug safety search) aligns with using curl/web search and returning sources. However the SKILL.md only lists curl as a required binary while the runtime examples call python3 and a platform 'web_fetch' tool and also reference executing local scripts under /home/ubuntu/... — those are not declared. The requirement to always search and publish searched URLs does match the purpose, but the undeclared reliance on python3/web_fetch and optional execution of local scripts is disproportionate and inconsistent with the declared requirements.
Instruction Scope
Instructions mandate network queries to a hard-coded SearXNG instance at http://43.156.131.167:4000 (an external IP) and require returning exact URLs from results. They also instruct the agent to run local Python scripts at /home/ubuntu/github/openclaw-project/mediwise-health-tracker/... if present. Together these create two risks: (1) sensitive user queries (medical/PHI) will be sent to a third party by default, possibly leaking private data; (2) the agent may execute arbitrary local code if that path exists. The SKILL.md also references a 'web_fetch' tool that isn't declared in requires.bins, so the instructions rely on environment capabilities not stated in metadata.
Install Mechanism
No install spec and no code files — this is instruction-only, which minimizes disk writes. The primary runtime behavior is network I/O and invoking existing local binaries/tools. The lack of install spec itself is low-risk, but it shifts risk to the external endpoints and local execution described in the instructions.
Credentials
The skill does not request env variables or credentials (good), but it requires sending queries to a hard-coded external host and may invoke local scripts at a specific absolute path. Asking to execute /home/ubuntu/... is an implicit request for filesystem/execute access beyond simple search capability and is disproportionate for a search helper. Also the SKILL.md uses python3 and web_fetch without declaring them as required binaries/tools.
Persistence & Privilege
always is false and there is no install or self-modifying behavior. Autonomous invocation is allowed (platform default) but not combined with any elevated persistence or cross-skill configuration changes, so no extra privilege concerns from persistence.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install medical-search - After installation, invoke the skill by name or use
/medical-search - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the "medical-search" skill providing drug safety and medical information search.
- Prioritizes this skill for any medical/drug-related questions (higher than general search).
- Enforces searching before answering any drug safety, interactions, contraindications, or related queries—answers must reference searched information, not prior knowledge alone.
- Includes step-by-step instructions for using SearXNG web search and DDInter (for Western drug interaction) with detailed search query suggestions.
- Mandates response structure: direct answer, search findings, detailed analysis, reference URLs (from live results), and a required disclaimer.
- Specifies sources to trust, workflows, and requirements for risk warnings and disclaimers.
Metadata
Frequently Asked Questions
What is Medical Search?
Drug safety and medical information search. Use when user asks about: drug interactions, medication safety, contraindications, side effects, drug-alcohol int... It is an AI Agent Skill for Claude Code / OpenClaw, with 101 downloads so far.
How do I install Medical Search?
Run "/install medical-search" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Medical Search free?
Yes, Medical Search is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Medical Search support?
Medical Search is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Medical Search?
It is built and maintained by JuneYaooo (@juneyaooo); the current version is v1.0.0.
More Skills