abridge-core-workflow-b

SUSPICIOUS: The workflow is plausibly aligned with patient-summary generation and FHIR portal delivery, but it is published by a non-Abridge author, uses Abridge-specific endpoints that are not publicly verifiable, and sends patient data plus bearer tokens to a caller-controlled FHIR base URL. No confirmed malware or overt credential theft appears, but provenance gaps and unconstrained external posting create medium risk.