eCRF Designer
Clinical data collection form design.
Use Cases
- - Case report form creation
- CDISC SDTM compliance
- EDC system setup
- Data validation rules
Parameters
- -
visit_schedule: Time points - INLINECODE1�: Variables to collect
- INLINECODE2�: SDTM domain
Returns
- - CRF specifications
- Field validation rules
- Logic skip patterns
- Data dictionary
Example
Demographics form with edit checks for age range
Risk Assessment
| Risk Indicator | Assessment | Level |
|---|
| Code Execution | Python/R scripts executed locally | Medium |
| Network Access |
No external API calls | Low |
| File System Access | Read input files, write output files | Medium |
| Instruction Tampering | Standard prompt guidelines | Low |
| Data Exposure | Output files saved to workspace | Low |
Security Checklist
- - [ ] No hardcoded credentials or API keys
- [ ] No unauthorized file system access (../)
- [ ] Output does not expose sensitive information
- [ ] Prompt injection protections in place
- [ ] Input file paths validated (no ../ traversal)
- [ ] Output directory restricted to workspace
- [ ] Script execution in sandboxed environment
- [ ] Error messages sanitized (no stack traces exposed)
- [ ] Dependencies audited
Prerequisites
No additional Python packages required.
Evaluation Criteria
Success Metrics
- - [ ] Successfully executes main functionality
- [ ] Output meets quality standards
- [ ] Handles edge cases gracefully
- [ ] Performance is acceptable
Test Cases
- 1. Basic Functionality: Standard input → Expected output
- Edge Case: Invalid input → Graceful error handling
- Performance: Large dataset → Acceptable processing time
Lifecycle Status
- - Current Stage: Draft
- Next Review Date: 2026-03-06
- Known Issues: None
- Planned Improvements:
- Performance optimization
- Additional feature support
技能名称: ecrf-designer
详细描述:
eCRF设计器
临床数据采集表单设计。
使用场景
- - 病例报告表创建
- CDISC SDTM合规性
- EDC系统设置
- 数据验证规则
参数
- - visitschedule: 时间点
- dataelements: 待采集变量
- cdisc_domain: SDTM域
返回值
示例
包含年龄范围编辑检查的人口统计学表单
风险评估
| 风险指标 | 评估 | 等级 |
|---|
| 代码执行 | 本地执行Python/R脚本 | 中 |
| 网络访问 |
无外部API调用 | 低 |
| 文件系统访问 | 读取输入文件,写入输出文件 | 中 |
| 指令篡改 | 标准提示词指南 | 低 |
| 数据暴露 | 输出文件保存至工作区 | 低 |
安全检查清单
- - [ ] 无硬编码凭据或API密钥
- [ ] 无未经授权的文件系统访问(../)
- [ ] 输出不暴露敏感信息
- [ ] 已实施提示注入防护
- [ ] 输入文件路径已验证(无../遍历)
- [ ] 输出目录限制在工作区内
- [ ] 脚本在沙盒环境中执行
- [ ] 错误消息已清理(不暴露堆栈跟踪)
- [ ] 依赖项已审计
前置条件
无需额外Python包。
评估标准
成功指标
- - [ ] 成功执行主要功能
- [ ] 输出符合质量标准
- [ ] 优雅处理边界情况
- [ ] 性能可接受
测试用例
- 1. 基本功能: 标准输入 → 预期输出
- 边界情况: 无效输入 → 优雅错误处理
- 性能: 大数据集 → 可接受处理时间
生命周期状态
- - 当前阶段: 草稿
- 下次审查日期: 2026-03-06
- 已知问题: 无
- 计划改进:
- 性能优化
- 新增功能支持
