Skip to content

Risks: OpenEvidence API / Hermes Integration

| Date | Risk | Area | Severity | Mitigation | Owner | Status | |---|---|---|---|---|---| | 2026-05-29 | No official API or unsupported use case. | Vendor/integration | Medium | Verify via official sources/vendor before implementation. | Robbie | Open | | 2026-05-29 | PHI/compliance exposure if used without BAA/security review. | Security/compliance | High | No PHI; require security/legal approval before production. | Jeremy/security | Open | | 2026-05-29 | Clinical over-reliance or stale evidence. | Clinical safety | High | Require citations, doctor review, freshness checks, disclaimers. | Clinical reviewer | Open | | 2026-05-29 | Browser automation/unofficial MCP could break or violate terms. | Operational/legal | Medium | Use only for non-sensitive exploration unless approved. | Robbie/engineering | Open |