$ loading_
为医疗应用部署提供患者安全自动化评估,发现风险即阻止上线。
复制安装指令,让 AI 自动完成配置 · 推荐新手
请帮我安装 askskill 上的 "healthcare-eval-harness" 技能: 1. 下载 https://raw.githubusercontent.com/affaan-m/ECC/main/skills/healthcare-eval-harness/SKILL.md 2. 保存为 ~/.claude/skills/healthcare-eval-harness/SKILL.md 3. 装好后重载技能,告诉我可以用了
请为医院临床决策支持系统部署生成一套患者安全评估方案,覆盖诊断建议准确性、PHI 暴露检查、临床工作流完整性,以及与 EHR 的集成合规性;并定义失败即阻止发布的规则。
一套可执行的部署前评估清单、测试项与阻断发布标准。
针对医疗问诊应用最近一次版本更新,设计自动化回归测试套件,重点验证症状分诊准确率、敏感患者信息泄露风险、关键表单提交流程是否中断,并给出通过阈值。
覆盖关键风险点的自动化测试方案、样例用例和量化验收门槛。
某医疗应用部署因安全评估失败被阻止,请分析可能原因,按 CDSS 准确性、PHI 暴露、临床流程异常、接口合规问题分类,并给出修复优先级建议。
按风险类别整理的问题诊断报告,以及明确的修复顺序建议。
Automated verification system for healthcare application deployments. A single CRITICAL failure blocks deployment. Patient safety is non-negotiable.
Note: Examples use Jest as the reference test runner. Adapt commands for your framework (Vitest, pytest, PHPUnit, etc.) — the test categories and pass thresholds are framework-agnostic.
The eval harness runs five test categories in order. The first three (CDSS Accuracy, PHI Exposure, Data Integrity) are CRITICAL gates requiring 100% pass rate — a single failure blocks deployment. The remaining two (Clinical Workflow, Integration) are HIGH gates requiring 95%+ pass rate.
Each category maps to a Jest test path pattern. The CI pipeline runs CRITICAL gates with --bail (stop on first failure) and enforces coverage thresholds with --coverage --coverageThreshold.
1. CDSS Accuracy (CRITICAL — 100% required)
Tests all clinical decision support logic: drug interaction pairs (both directions), dose validation rules, clinical scoring vs published specs, no false negatives, no silent failures.
npx jest --testPathPattern='tests/cdss' --bail --ci --coverage
2. PHI Exposure (CRITICAL — 100% required)
Tests for protected health information leaks: API error responses, console output, URL parameters, browser storage, cross-facility isolation, unauthenticated access, service role key absence.
npx jest --testPathPattern='tests/security/phi' --bail --ci
3. Data Integrity (CRITICAL — 100% required)
Tests clinical data safety: locked encounters, audit trail entries, cascade delete protection, concurrent edit handling, no orphaned records.
npx jest --testPathPattern='tests/data-integrity' --bail --ci
4. Clinical Workflow (HIGH — 95%+ required)
Tests end-to-end flows: encounter lifecycle, template rendering, medication sets, drug/diagnosis search, prescription PDF, red flag alerts.
tmp_json=$(mktemp)
npx jest --testPathPattern='tests/clinical' --ci --json --outputFile="$tmp_json" || true
total=$(jq '.numTotalTests // 0' "$tmp_json")
passed=$(jq '.numPassedTests // 0' "$tmp_json")
if [ "$total" -eq 0 ]; then
echo "No clinical tests found" >&2
exit 1
fi
rate=$(echo "scale=2; $passed * 100 / $total" | bc)
echo "Clinical pass rate: ${rate}% ($passed/$total)"
5. Integration Compliance (HIGH — 95%+ required)
Tests external systems: HL7 message parsing (v2.x), FHIR validation, lab result mapping, malformed message handling.
tmp_json=$(mktemp)
npx jest --testPathPattern='tests/integration' --ci --json --outputFile="$tmp_json" || true
total=$(jq '.numTotalTests // 0' "$tmp_json")
passed=$(jq '.numPassedTests // 0' "$tmp_json")
if [ "$total" -eq 0 ]; then
echo "No integration tests found" >&2
exit 1
fi
rate=$(echo "scale=2; $passed * 100 / $total" | bc)
echo "Integration pass rate: ${rate}% ($passed/$total)"
| Category | Threshold | On Failure |
|---|---|---|
| CDSS Accuracy | 100% | BLOCK deployment |
| PHI Exposure | 100% | BLOCK deployment |
| Data Integrity | 100% | BLOCK deployment |
| Clinical Workflow | 95%+ | WARN, allow with review |
| Integration | 95%+ | WARN, allow with review |
name: Healthcare Safety Gate
on: [push, pull_request]
jobs:
safety-gate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20'
- run: npm ci
…
帮助用户在回答前选择简短、标准或详细版本,控制回复深度与 token 用量。
为 Claude Code 会话建立正式评估流程,支持评测驱动开发与质量验证