噗滋慈善 - Management Advisor / pozzzi-charity management-advisor
Review
Audited by ClawScan on May 17, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
Before installing, confirm which model provider will process your questions and where any storage adapter keeps history. Do not include beneficiary names, phone numbers, IDs, or sensitive case details; use role labels or anonymized descriptions instead. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Publisher note
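RAG knowledge-base consulting for NGO nonprofit management, covering 5 categories: charity law and regulation / compliance operations / organizational governance / finance and taxation / human resources. Every answer carries a hard-coded mandatory disclaimer ("This answer does not constitute legal advice; consult a professional lawyer or tax advisor") plus knowledge-base source attribution. Advisory only, performs no business operations; users bring their own model API key.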
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
PII filtering and disclaimer behavior depend partly on helper code that was not included in the submitted artifacts.
The skill depends on shared helper modules outside the provided file manifest; they are purpose-aligned safety helpers, but their implementation was not available for this review.
const { injectDisclaimer } = require('../../../packages/shared/disclaimer-injector');
const { filterPII } = require('../../../packages/shared/pii-filter');
Verify the provenance and contents of the shared helper modules, or include/pin them in the reviewed package.
Your organization name, category, timing, and a question hash may be kept in local/host-managed history for audit purposes.
The visible workflow can persist limited query metadata and history when a storage adapter is supplied, while avoiding the raw question in audit logs.
Logs retained ≥6 months (enforced by storage-adapter) ... org_name: input.org_name, question_hash: questionHash ... await _safeAppendHistory(storage, SKILL_ID, { org_name: input.org_name, ... })
Check where the storage adapter writes data, how long it is retained, and avoid entering unnecessary sensitive identifiers.
The selected model provider may receive the organization context and filtered question content needed to answer.
The skill is intended to send constructed prompts to an injected model gateway when available; this is expected for an advisory Q&A skill.
@param {object} [options.modelClient] - model-gateway ModelClient instance (dependency injection, optional) ... Step 5: model call (temperature 0.4, maxTokens 2000)
Use a trusted model provider and remove personal, beneficiary, or confidential details before asking questions.
