TCM Constitution Identification & Analysis Tool | 中医体质识别分析工具

This skill appears to implement remote face/video TCM analysis and will send images/URLs to external APIs (default base URLs are present in the bundled config). Before installing or running it: - Understand data egress: the scripts upload images (multipart/form-data) to remote endpoints (configured in skills/smyx_common config). If you don't trust the remote service, do not upload sensitive photos. - Verify endpoints and API keys: the repo contains default production/staging endpoints (lifeemergence.com variants) in config YAMLs. Confirm these are expected and safe for your use-case. - Check environment/locals: the code reads OPENCLAW_WORKSPACE and other env vars (OPENCLAW_SENDER_OPEN_ID, etc.) though the skill's metadata declares none. Decide whether you are comfortable with that implicit env access. - Local persistence: the included common code can create an SQLite DB under a workspace data directory. If you need to avoid local storage, do not run this skill or inspect and remove DAO usage first. - Inconsistencies to clarify with the author: SKILL.md forbids local memory and states a strict open-id lookup order, but the code will accept open-id from env and includes local DB/DAO code. Ask the maintainer which behavior is authoritative. - If you proceed, run the skill in a sandbox (restricted workspace, network isolation) and review the RequestUtil implementation (skills/smyx_common/scripts/util.py) to confirm where HTTP requests go and what headers/credentials are sent.