{ "schemaVersion": "1.0", "item": { "slug": "fda-consultant-specialist", "name": "Fda Consultant Specialist", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/alirezarezvani/fda-consultant-specialist", "canonicalUrl": "https://clawhub.ai/alirezarezvani/fda-consultant-specialist", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/fda-consultant-specialist", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=fda-consultant-specialist", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "references/device_cybersecurity_guidance.md", "references/fda_capa_requirements.md", "references/fda_submission_guide.md", "references/hipaa_compliance_framework.md", "references/qsr_compliance_requirements.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/fda-consultant-specialist" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/fda-consultant-specialist", "agentPageUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent", "manifestUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent.json", "briefUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "FDA Consultant Specialist", "body": "FDA regulatory consulting for medical device manufacturers covering submission pathways, Quality System Regulation (QSR), HIPAA compliance, and device cybersecurity requirements." }, { "title": "Table of Contents", "body": "FDA Pathway Selection\n510(k) Submission Process\nQSR Compliance\nHIPAA for Medical Devices\nDevice Cybersecurity\nResources" }, { "title": "FDA Pathway Selection", "body": "Determine the appropriate FDA regulatory pathway based on device classification and predicate availability." }, { "title": "Decision Framework", "body": "Predicate device exists?\n├── YES → Substantially equivalent?\n│ ├── YES → 510(k) Pathway\n│ │ ├── No design changes → Abbreviated 510(k)\n│ │ ├── Manufacturing only → Special 510(k)\n│ │ └── Design/performance → Traditional 510(k)\n│ └── NO → PMA or De Novo\n└── NO → Novel device?\n ├── Low-to-moderate risk → De Novo\n └── High risk (Class III) → PMA" }, { "title": "Pathway Comparison", "body": "PathwayWhen to UseTimelineCost510(k) TraditionalPredicate exists, design changes90 days$21,760510(k) SpecialManufacturing changes only30 days$21,760510(k) AbbreviatedGuidance/standard conformance30 days$21,760De NovoNovel, low-moderate risk150 days$134,676PMAClass III, no predicate180+ days$425,000+" }, { "title": "Pre-Submission Strategy", "body": "Identify product code and classification\nSearch 510(k) database for predicates\nAssess substantial equivalence feasibility\nPrepare Q-Sub questions for FDA\nSchedule Pre-Sub meeting if needed\n\nReference: See fda_submission_guide.md for pathway decision matrices and submission requirements." }, { "title": "Workflow", "body": "Phase 1: Planning\n├── Step 1: Identify predicate device(s)\n├── Step 2: Compare intended use and technology\n├── Step 3: Determine testing requirements\n└── Checkpoint: SE argument feasible?\n\nPhase 2: Preparation\n├── Step 4: Complete performance testing\n├── Step 5: Prepare device description\n├── Step 6: Document SE comparison\n├── Step 7: Finalize labeling\n└── Checkpoint: All required sections complete?\n\nPhase 3: Submission\n├── Step 8: Assemble submission package\n├── Step 9: Submit via eSTAR\n├── Step 10: Track acknowledgment\n└── Checkpoint: Submission accepted?\n\nPhase 4: Review\n├── Step 11: Monitor review status\n├── Step 12: Respond to AI requests\n├── Step 13: Receive decision\n└── Verification: SE letter received?" }, { "title": "Required Sections (21 CFR 807.87)", "body": "SectionContentCover LetterSubmission type, device ID, contact infoForm 3514CDRH premarket review cover sheetDevice DescriptionPhysical description, principles of operationIndications for UseForm 3881, patient population, use environmentSE ComparisonSide-by-side comparison with predicatePerformance TestingBench, biocompatibility, electrical safetySoftware DocumentationLevel of concern, hazard analysis (IEC 62304)LabelingIFU, package labels, warnings510(k) SummaryPublic summary of submission" }, { "title": "Common RTA Issues", "body": "IssuePreventionMissing user feeVerify payment before submissionIncomplete Form 3514Review all fields, ensure signatureNo predicate identifiedConfirm K-number in FDA databaseInadequate SE comparisonAddress all technological characteristics" }, { "title": "QSR Compliance", "body": "Quality System Regulation (21 CFR Part 820) requirements for medical device manufacturers." }, { "title": "Key Subsystems", "body": "SectionTitleFocus820.20Management ResponsibilityQuality policy, org structure, management review820.30Design ControlsInput, output, review, verification, validation820.40Document ControlsApproval, distribution, change control820.50Purchasing ControlsSupplier qualification, purchasing data820.70Production ControlsProcess validation, environmental controls820.100CAPARoot cause analysis, corrective actions820.181Device Master RecordSpecifications, procedures, acceptance criteria" }, { "title": "Design Controls Workflow (820.30)", "body": "Step 1: Design Input\n└── Capture user needs, intended use, regulatory requirements\n Verification: Inputs reviewed and approved?\n\nStep 2: Design Output\n└── Create specifications, drawings, software architecture\n Verification: Outputs traceable to inputs?\n\nStep 3: Design Review\n└── Conduct reviews at each phase milestone\n Verification: Review records with signatures?\n\nStep 4: Design Verification\n└── Perform testing against specifications\n Verification: All tests pass acceptance criteria?\n\nStep 5: Design Validation\n└── Confirm device meets user needs in actual use conditions\n Verification: Validation report approved?\n\nStep 6: Design Transfer\n└── Release to production with DMR complete\n Verification: Transfer checklist complete?" }, { "title": "CAPA Process (820.100)", "body": "Identify: Document nonconformity or potential problem\nInvestigate: Perform root cause analysis (5 Whys, Fishbone)\nPlan: Define corrective/preventive actions\nImplement: Execute actions, update documentation\nVerify: Confirm implementation complete\nEffectiveness: Monitor for recurrence (30-90 days)\nClose: Management approval and closure\n\nReference: See qsr_compliance_requirements.md for detailed QSR implementation guidance." }, { "title": "HIPAA for Medical Devices", "body": "HIPAA requirements for devices that create, store, transmit, or access Protected Health Information (PHI)." }, { "title": "Applicability", "body": "Device TypeHIPAA AppliesStandalone diagnostic (no data transmission)NoConnected device transmitting patient dataYesDevice with EHR integrationYesSaMD storing patient informationYesWellness app (no diagnosis)Only if stores PHI" }, { "title": "Required Safeguards", "body": "Administrative (§164.308)\n├── Security officer designation\n├── Risk analysis and management\n├── Workforce training\n├── Incident response procedures\n└── Business associate agreements\n\nPhysical (§164.310)\n├── Facility access controls\n├── Workstation security\n└── Device disposal procedures\n\nTechnical (§164.312)\n├── Access control (unique IDs, auto-logoff)\n├── Audit controls (logging)\n├── Integrity controls (checksums, hashes)\n├── Authentication (MFA recommended)\n└── Transmission security (TLS 1.2+)" }, { "title": "Risk Assessment Steps", "body": "Inventory all systems handling ePHI\nDocument data flows (collection, storage, transmission)\nIdentify threats and vulnerabilities\nAssess likelihood and impact\nDetermine risk levels\nImplement controls\nDocument residual risk\n\nReference: See hipaa_compliance_framework.md for implementation checklists and BAA templates." }, { "title": "Device Cybersecurity", "body": "FDA cybersecurity requirements for connected medical devices." }, { "title": "Premarket Requirements", "body": "ElementDescriptionThreat ModelSTRIDE analysis, attack trees, trust boundariesSecurity ControlsAuthentication, encryption, access controlSBOMSoftware Bill of Materials (CycloneDX or SPDX)Security TestingPenetration testing, vulnerability scanningVulnerability PlanDisclosure process, patch management" }, { "title": "Device Tier Classification", "body": "Tier 1 (Higher Risk):\n\nConnects to network/internet\nCybersecurity incident could cause patient harm\n\nTier 2 (Standard Risk):\n\nAll other connected devices" }, { "title": "Postmarket Obligations", "body": "Monitor NVD and ICS-CERT for vulnerabilities\nAssess applicability to device components\nDevelop and test patches\nCommunicate with customers\nReport to FDA per guidance" }, { "title": "Coordinated Vulnerability Disclosure", "body": "Researcher Report\n ↓\nAcknowledgment (48 hours)\n ↓\nInitial Assessment (5 days)\n ↓\nFix Development\n ↓\nCoordinated Public Disclosure\n\nReference: See device_cybersecurity_guidance.md for SBOM format examples and threat modeling templates." }, { "title": "scripts/", "body": "ScriptPurposefda_submission_tracker.pyTrack 510(k)/PMA/De Novo submission milestones and timelinesqsr_compliance_checker.pyAssess 21 CFR 820 compliance against project documentationhipaa_risk_assessment.pyEvaluate HIPAA safeguards in medical device software" }, { "title": "references/", "body": "FileContentfda_submission_guide.md510(k), De Novo, PMA submission requirements and checklistsqsr_compliance_requirements.md21 CFR 820 implementation guide with templateshipaa_compliance_framework.mdHIPAA Security Rule safeguards and BAA requirementsdevice_cybersecurity_guidance.mdFDA cybersecurity requirements, SBOM, threat modelingfda_capa_requirements.mdCAPA process, root cause analysis, effectiveness verification" }, { "title": "Usage Examples", "body": "# Track FDA submission status\npython scripts/fda_submission_tracker.py /path/to/project --type 510k\n\n# Assess QSR compliance\npython scripts/qsr_compliance_checker.py /path/to/project --section 820.30\n\n# Run HIPAA risk assessment\npython scripts/hipaa_risk_assessment.py /path/to/project --category technical" } ], "body": "FDA Consultant Specialist\n\nFDA regulatory consulting for medical device manufacturers covering submission pathways, Quality System Regulation (QSR), HIPAA compliance, and device cybersecurity requirements.\n\nTable of Contents\nFDA Pathway Selection\n510(k) Submission Process\nQSR Compliance\nHIPAA for Medical Devices\nDevice Cybersecurity\nResources\nFDA Pathway Selection\n\nDetermine the appropriate FDA regulatory pathway based on device classification and predicate availability.\n\nDecision Framework\nPredicate device exists?\n├── YES → Substantially equivalent?\n│ ├── YES → 510(k) Pathway\n│ │ ├── No design changes → Abbreviated 510(k)\n│ │ ├── Manufacturing only → Special 510(k)\n│ │ └── Design/performance → Traditional 510(k)\n│ └── NO → PMA or De Novo\n└── NO → Novel device?\n ├── Low-to-moderate risk → De Novo\n └── High risk (Class III) → PMA\n\nPathway Comparison\nPathway\tWhen to Use\tTimeline\tCost\n510(k) Traditional\tPredicate exists, design changes\t90 days\t$21,760\n510(k) Special\tManufacturing changes only\t30 days\t$21,760\n510(k) Abbreviated\tGuidance/standard conformance\t30 days\t$21,760\nDe Novo\tNovel, low-moderate risk\t150 days\t$134,676\nPMA\tClass III, no predicate\t180+ days\t$425,000+\nPre-Submission Strategy\nIdentify product code and classification\nSearch 510(k) database for predicates\nAssess substantial equivalence feasibility\nPrepare Q-Sub questions for FDA\nSchedule Pre-Sub meeting if needed\n\nReference: See fda_submission_guide.md for pathway decision matrices and submission requirements.\n\n510(k) Submission Process\nWorkflow\nPhase 1: Planning\n├── Step 1: Identify predicate device(s)\n├── Step 2: Compare intended use and technology\n├── Step 3: Determine testing requirements\n└── Checkpoint: SE argument feasible?\n\nPhase 2: Preparation\n├── Step 4: Complete performance testing\n├── Step 5: Prepare device description\n├── Step 6: Document SE comparison\n├── Step 7: Finalize labeling\n└── Checkpoint: All required sections complete?\n\nPhase 3: Submission\n├── Step 8: Assemble submission package\n├── Step 9: Submit via eSTAR\n├── Step 10: Track acknowledgment\n└── Checkpoint: Submission accepted?\n\nPhase 4: Review\n├── Step 11: Monitor review status\n├── Step 12: Respond to AI requests\n├── Step 13: Receive decision\n└── Verification: SE letter received?\n\nRequired Sections (21 CFR 807.87)\nSection\tContent\nCover Letter\tSubmission type, device ID, contact info\nForm 3514\tCDRH premarket review cover sheet\nDevice Description\tPhysical description, principles of operation\nIndications for Use\tForm 3881, patient population, use environment\nSE Comparison\tSide-by-side comparison with predicate\nPerformance Testing\tBench, biocompatibility, electrical safety\nSoftware Documentation\tLevel of concern, hazard analysis (IEC 62304)\nLabeling\tIFU, package labels, warnings\n510(k) Summary\tPublic summary of submission\nCommon RTA Issues\nIssue\tPrevention\nMissing user fee\tVerify payment before submission\nIncomplete Form 3514\tReview all fields, ensure signature\nNo predicate identified\tConfirm K-number in FDA database\nInadequate SE comparison\tAddress all technological characteristics\nQSR Compliance\n\nQuality System Regulation (21 CFR Part 820) requirements for medical device manufacturers.\n\nKey Subsystems\nSection\tTitle\tFocus\n820.20\tManagement Responsibility\tQuality policy, org structure, management review\n820.30\tDesign Controls\tInput, output, review, verification, validation\n820.40\tDocument Controls\tApproval, distribution, change control\n820.50\tPurchasing Controls\tSupplier qualification, purchasing data\n820.70\tProduction Controls\tProcess validation, environmental controls\n820.100\tCAPA\tRoot cause analysis, corrective actions\n820.181\tDevice Master Record\tSpecifications, procedures, acceptance criteria\nDesign Controls Workflow (820.30)\nStep 1: Design Input\n└── Capture user needs, intended use, regulatory requirements\n Verification: Inputs reviewed and approved?\n\nStep 2: Design Output\n└── Create specifications, drawings, software architecture\n Verification: Outputs traceable to inputs?\n\nStep 3: Design Review\n└── Conduct reviews at each phase milestone\n Verification: Review records with signatures?\n\nStep 4: Design Verification\n└── Perform testing against specifications\n Verification: All tests pass acceptance criteria?\n\nStep 5: Design Validation\n└── Confirm device meets user needs in actual use conditions\n Verification: Validation report approved?\n\nStep 6: Design Transfer\n└── Release to production with DMR complete\n Verification: Transfer checklist complete?\n\nCAPA Process (820.100)\nIdentify: Document nonconformity or potential problem\nInvestigate: Perform root cause analysis (5 Whys, Fishbone)\nPlan: Define corrective/preventive actions\nImplement: Execute actions, update documentation\nVerify: Confirm implementation complete\nEffectiveness: Monitor for recurrence (30-90 days)\nClose: Management approval and closure\n\nReference: See qsr_compliance_requirements.md for detailed QSR implementation guidance.\n\nHIPAA for Medical Devices\n\nHIPAA requirements for devices that create, store, transmit, or access Protected Health Information (PHI).\n\nApplicability\nDevice Type\tHIPAA Applies\nStandalone diagnostic (no data transmission)\tNo\nConnected device transmitting patient data\tYes\nDevice with EHR integration\tYes\nSaMD storing patient information\tYes\nWellness app (no diagnosis)\tOnly if stores PHI\nRequired Safeguards\nAdministrative (§164.308)\n├── Security officer designation\n├── Risk analysis and management\n├── Workforce training\n├── Incident response procedures\n└── Business associate agreements\n\nPhysical (§164.310)\n├── Facility access controls\n├── Workstation security\n└── Device disposal procedures\n\nTechnical (§164.312)\n├── Access control (unique IDs, auto-logoff)\n├── Audit controls (logging)\n├── Integrity controls (checksums, hashes)\n├── Authentication (MFA recommended)\n└── Transmission security (TLS 1.2+)\n\nRisk Assessment Steps\nInventory all systems handling ePHI\nDocument data flows (collection, storage, transmission)\nIdentify threats and vulnerabilities\nAssess likelihood and impact\nDetermine risk levels\nImplement controls\nDocument residual risk\n\nReference: See hipaa_compliance_framework.md for implementation checklists and BAA templates.\n\nDevice Cybersecurity\n\nFDA cybersecurity requirements for connected medical devices.\n\nPremarket Requirements\nElement\tDescription\nThreat Model\tSTRIDE analysis, attack trees, trust boundaries\nSecurity Controls\tAuthentication, encryption, access control\nSBOM\tSoftware Bill of Materials (CycloneDX or SPDX)\nSecurity Testing\tPenetration testing, vulnerability scanning\nVulnerability Plan\tDisclosure process, patch management\nDevice Tier Classification\n\nTier 1 (Higher Risk):\n\nConnects to network/internet\nCybersecurity incident could cause patient harm\n\nTier 2 (Standard Risk):\n\nAll other connected devices\nPostmarket Obligations\nMonitor NVD and ICS-CERT for vulnerabilities\nAssess applicability to device components\nDevelop and test patches\nCommunicate with customers\nReport to FDA per guidance\nCoordinated Vulnerability Disclosure\nResearcher Report\n ↓\nAcknowledgment (48 hours)\n ↓\nInitial Assessment (5 days)\n ↓\nFix Development\n ↓\nCoordinated Public Disclosure\n\n\nReference: See device_cybersecurity_guidance.md for SBOM format examples and threat modeling templates.\n\nResources\nscripts/\nScript\tPurpose\nfda_submission_tracker.py\tTrack 510(k)/PMA/De Novo submission milestones and timelines\nqsr_compliance_checker.py\tAssess 21 CFR 820 compliance against project documentation\nhipaa_risk_assessment.py\tEvaluate HIPAA safeguards in medical device software\nreferences/\nFile\tContent\nfda_submission_guide.md\t510(k), De Novo, PMA submission requirements and checklists\nqsr_compliance_requirements.md\t21 CFR 820 implementation guide with templates\nhipaa_compliance_framework.md\tHIPAA Security Rule safeguards and BAA requirements\ndevice_cybersecurity_guidance.md\tFDA cybersecurity requirements, SBOM, threat modeling\nfda_capa_requirements.md\tCAPA process, root cause analysis, effectiveness verification\nUsage Examples\n# Track FDA submission status\npython scripts/fda_submission_tracker.py /path/to/project --type 510k\n\n# Assess QSR compliance\npython scripts/qsr_compliance_checker.py /path/to/project --section 820.30\n\n# Run HIPAA risk assessment\npython scripts/hipaa_risk_assessment.py /path/to/project --category technical" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/alirezarezvani/fda-consultant-specialist", "publisherUrl": "https://clawhub.ai/alirezarezvani/fda-consultant-specialist", "owner": "alirezarezvani", "version": "2.1.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/fda-consultant-specialist", "downloadUrl": "https://openagent3.xyz/downloads/fda-consultant-specialist", "agentUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent", "manifestUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent.json", "briefUrl": "https://openagent3.xyz/skills/fda-consultant-specialist/agent.md" } }