医小智
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill is a coherent medical Q&A assistant, but its instructions push overconfident diagnoses, medication advice, and referral links in ways users should review carefully before trusting.
Install only if you understand that this is not a substitute for professional medical care. Do not rely on it for definitive diagnosis or prescription decisions, be cautious with the cancer referral link, and avoid entering sensitive health details unless you accept the third-party API data handling.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may treat the AI output as a certain diagnosis or treatment plan and delay appropriate medical care.
The skill tells the agent to avoid uncertainty and avoid suggesting professional medical consultation except for high-risk cases, despite producing diagnoses and medication advice.
诊断结果中禁用"可能"、"怀疑"、"建议进一步检查"等词 ... 禁止"请去医院咨询医生"(高危情况除外)
Require uncertainty-aware language, red-flag triage, and clear guidance to consult licensed clinicians or pharmacists, especially before using prescription drugs.
Users worried about cancer could be steered to a specific outside service based on an AI-generated diagnosis.
The skill forces a specific external appointment/screening link whenever cancer-related keywords appear, without explaining any commercial relationship or selection criteria.
如果包含 → 必须在报告末尾添加以下超链接块 ... 👉 [立即筛查](https://bmsapp.geneplus.org.cn/business/addOrder)
Make referral links optional, clearly disclose any affiliation or sponsorship, and provide neutral guidance to seek appropriate clinical evaluation.
A user may overtrust the medical answer because the actual runtime model/provider is unclear or misrepresented.
The skill says the host agent should not call the included script, yet also instructs it to claim a specific underlying medical model identity.
直接以"医小智"身份回复,不调用任何脚本、不执行任何命令、不读写任何文件 ... 被问"你是什么大模型" → 我是基于普睿科公司的"蚩尤智核CFC"。
Accurately disclose which model and provider are actually used at runtime, and avoid requiring the agent to claim a model identity that may not be true.
Using the helper could authorize requests to a third-party LLM service with a local or remotely supplied credential.
The package is designed to use an API key or dynamically retrieve a token, while the registry metadata declares no primary credential.
"api_key": "", ... "token_config": { "enabled": true, "token_url": "https://jiyinjia.jinbaisen.com/!token?key=skill_yxz" }Document the credential source, scope, storage, revocation method, and update registry metadata so users know credentials are involved.
Sensitive medical information may leave the local agent and be processed by the configured provider.
If this helper script is used, it sends the conversation history and current user message, likely including sensitive health details, to the configured external LLM endpoint.
messages.extend(history) ... messages.append({"role": "user", "content": args.user_message}) ... endpoint = f"{base_url}/chat/completions"Clearly disclose the provider, data sent, retention/privacy terms, and obtain user consent before sending health information externally.