Stats
Actions
Tags
From abridge-pack
Configures GitHub Actions CI/CD pipeline for Abridge healthcare AI integrations: PHI leak scans, FHIR validation, linting, and sandbox tests.
How this skill is triggered — by the user, by Claude, or both
Slash command
/abridge-pack:abridge-ci-integrationThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
CI/CD pipeline for Abridge clinical documentation integrations. Healthcare CI pipelines require FHIR resource validation, PHI leak scanning, HIPAA compliance checks, and sandbox integration testing.
CI/CD pipeline for Abridge clinical documentation integrations. Healthcare CI pipelines require FHIR resource validation, PHI leak scanning, HIPAA compliance checks, and sandbox integration testing.
# .github/workflows/abridge-ci.yml
name: Abridge Integration CI
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
env:
NODE_VERSION: '20'
jobs:
lint-and-type-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with: { node-version: '${{ env.NODE_VERSION }}' }
- run: npm ci
- run: npm run lint
- run: npm run typecheck
phi-leak-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Scan for PHI patterns in source code
run: |
echo "Scanning for PHI patterns..."
# SSN patterns
if grep -rn '\b[0-9]\{3\}-[0-9]\{2\}-[0-9]\{4\}\b' src/ --include='*.ts' --include='*.js'; then
echo "FAIL: Possible SSN found in source code"
exit 1
fi
# Hardcoded patient names (common test names)
if grep -rn '"John Doe\|Jane Doe\|Test Patient"' src/ --include='*.ts'; then
echo "WARN: Hardcoded patient names — use synthetic data"
fi
echo "PHI scan passed"
fhir-validation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with: { node-version: '${{ env.NODE_VERSION }}' }
- run: npm ci
- name: Validate FHIR resources
run: |
npm run test:fhir-schemas
echo "FHIR R4 validation passed"
sandbox-integration:
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
needs: [lint-and-type-check, phi-leak-scan, fhir-validation]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with: { node-version: '${{ env.NODE_VERSION }}' }
- run: npm ci
- name: Run sandbox integration tests
env:
ABRIDGE_SANDBOX_URL: ${{ secrets.ABRIDGE_SANDBOX_URL }}
ABRIDGE_CLIENT_SECRET: ${{ secrets.ABRIDGE_CLIENT_SECRET }}
ABRIDGE_ORG_ID: ${{ secrets.ABRIDGE_ORG_ID }}
run: npm run test:integration
// tests/fhir-validation.test.ts
import { describe, it, expect } from 'vitest';
describe('FHIR R4 Resource Validation', () => {
it('should generate valid DocumentReference', () => {
const docRef = {
resourceType: 'DocumentReference',
status: 'current',
type: { coding: [{ system: 'http://loinc.org', code: '11506-3', display: 'Progress note' }] },
subject: { reference: 'Patient/test-001' },
content: [{ attachment: { contentType: 'text/plain', data: btoa('test note') } }],
};
expect(docRef.resourceType).toBe('DocumentReference');
expect(docRef.status).toBe('current');
expect(docRef.type.coding[0].system).toBe('http://loinc.org');
expect(docRef.content[0].attachment.contentType).toBe('text/plain');
});
it('should generate valid Communication resource for patient summary', () => {
const comm = {
resourceType: 'Communication',
status: 'completed',
category: [{ coding: [{ system: 'http://terminology.hl7.org/CodeSystem/communication-category', code: 'notification' }] }],
subject: { reference: 'Patient/test-001' },
payload: [{ contentString: 'Your visit summary...' }],
};
expect(comm.resourceType).toBe('Communication');
expect(comm.payload[0].contentString).toBeTruthy();
});
});
// tests/integration/sandbox.test.ts
import { describe, it, expect } from 'vitest';
import axios from 'axios';
describe('Abridge Sandbox Integration', () => {
const api = axios.create({
baseURL: process.env.ABRIDGE_SANDBOX_URL,
headers: {
'Authorization': `Bearer ${process.env.ABRIDGE_CLIENT_SECRET}`,
'X-Org-Id': process.env.ABRIDGE_ORG_ID!,
},
});
it('should create and finalize an encounter session', async () => {
const { data: session } = await api.post('/encounters/sessions', {
patient_id: 'ci-test-patient',
provider_id: 'ci-test-provider',
encounter_type: 'outpatient',
specialty: 'internal_medicine',
sandbox: true,
});
expect(session.session_id).toBeTruthy();
expect(session.status).toBe('initialized');
// Submit transcript
await api.post(`/encounters/sessions/${session.session_id}/transcript`, {
speaker: 'provider', text: 'CI test — patient presents with headache.',
});
// Finalize
await api.post(`/encounters/sessions/${session.session_id}/finalize`);
}, 30000);
});
| Issue | Cause | Solution |
|---|---|---|
| PHI scan false positive | Regex too broad | Add pattern to allowlist in scan script |
| Sandbox test timeout | API slow | Increase vitest timeout to 30s |
| Secrets not available | Missing GitHub Secrets | Add to repo Settings > Secrets |
For deployment procedures, see abridge-deploy-integration.
npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin abridge-packSets up local Abridge dev environment with HAPI FHIR server via Docker, synthetic patient data, and TypeScript config for clinical AI/EHR workflow testing.
Runs automated patient safety test suites for healthcare deployments, blocking on CRITICAL failures in CDSS accuracy, PHI exposure, and data integrity.
Automated patient safety validation suite for healthcare app deployments. Tests CDSS accuracy, PHI exposure, data integrity, clinical workflows, and HL7/FHIR integration. Blocks deployment on critical failures.