Ping An Insurance Advisor Assistant (平安保险顾问助手)

Pass

Audited by ClawScan on May 6, 2026.

Overview

This appears to be a coherent insurance-planning skill, but it handles sensitive customer health and financial information and can place reports in Feishu documents.

This skill looks purpose-aligned and not malicious based on the provided artifacts. Use it only with appropriate customer consent, avoid entering unnecessary medical or financial details, check Feishu sharing permissions before generating documents, and install any needed Python dependencies from trusted sources.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Customer health, financial, and identity information may be retained in reports or customer files.

Why it was flagged

The SOP expects customer records to include identity, health disclosure, coverage analysis, policies, and communication history.

Skill content
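Customer file contents: basic information form, health disclosure records, coverage gap analysis, proposal document, policy summary table, communication records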
Recommendation

Get customer consent, minimize unnecessary fields, define where records are stored, and set retention/access controls before using it with real customer data.

What this means

Sensitive customer information could become accessible according to the Feishu document’s workspace and sharing settings.

Why it was flagged

The report workflow may put the completed insurance analysis into a Feishu cloud/workspace document, but sharing and access boundaries are not specified.

Skill content
Feishu document - text version of the plan, editable and shareable (recommended)
Recommendation

Verify the Feishu account, document permissions, and sharing settings before generating reports containing medical or financial details.

What this means

The agent may create or modify Feishu documents as part of report generation.

Why it was flagged

If the Feishu tool is available, the skill can create or write documents using the user’s workspace permissions.

Skill content
feishu_doc action=write doc_token=<文档token> content="完整markdown内容"
Recommendation

Use least-privilege Feishu access and write only to the report document the user approved.

What this means

A user may need to install an unpinned Python package manually to use PDF generation.

Why it was flagged

PDF generation depends on reportlab, but the registry has no install spec or pinned dependency declaration.

Skill content
print("Error: reportlab not installed. Run: pip install reportlab")
Recommendation

Install dependencies from trusted sources and consider pinning reportlab to a reviewed version.