tyxh-lc

v1.0.0

查询患者信息，支持通过患者编号/ID获取患者详情（无需认证）

⭐ 0· 81·0 current·0 all-time

by念@lc-nian

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lc-nian/tyxh-lc.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "tyxh-lc" (lc-nian/tyxh-lc) from ClawHub.
Skill page: https://clawhub.ai/lc-nian/tyxh-lc
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: curl
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install tyxh-lc

ClawHub CLI

Package manager switcher

npx clawhub@latest install tyxh-lc

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill's name and description (query patient info by ID) match the runtime instructions (curl to a given API). Requiring only curl is proportionate. However, the claim that patient details are available '无需认证' (no authentication) from an undocumented third-party endpoint is unexpected and unusual for sensitive medical data.

Instruction Scope

Instructions tell the agent to call a single external HTTPS URL (kjcrmcs.tianyuxh.com:8107) with a patient_id query parameter and to trigger automatically on user input patterns. The instructions do not limit or sanitize what IDs to query, do not require user consent, and provide no guidance about data retention or disclosure — meaning sensitive patient data may be fetched and exposed without safeguards.

✓

Install Mechanism

This is an instruction-only skill with no install spec or code files. Risk from installation is low (only requires curl to be present).

ℹ

Credentials

The skill requests no environment variables or credentials, which is consistent with its 'no authentication' claim. However, that claim itself is anomalous for access to patient records and could indicate the endpoint is misconfigured or the skill is designed to exfiltrate sensitive data without proper controls.

Persistence & Privilege

The skill can be invoked autonomously and is configured to trigger automatically on several textual patterns. Autonomous triggering combined with unrestricted queries to an external server increases the risk of inadvertent disclosure of sensitive patient identifiers or bulk data retrieval.

What to consider before installing

Before installing, verify the skill's provenance and legal compliance: ask the publisher for a homepage, privacy policy, and justification for why patient data is accessible without authentication. Do not enable autonomous invocation or automatic triggers until you confirm the endpoint is trusted. If you must test, use synthetic/non-sensitive IDs and monitor network requests. Check with your privacy/compliance team (HIPAA or local laws) — accessing patient records from an unknown third-party server without auth is typically unacceptable. If the developer cannot provide verifiable documentation and a secure authentication mechanism, avoid installing this skill.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

👤 Clawdis

Binscurl

latestvk97e6n72xgnff43mdx089sef4x83sb0n

81downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

患者信息查询

通过患者编号或ID查询患者详细信息。

触发条件

满足以下任意条件时自动触发：

用户说"获取患者信息"
用户输入包含"患者编号" + 数字（如：患者编号12345）
用户输入包含"患者id" + 数字（如：患者id12345）
用户输入包含"编号：" + 数字（如：编号：12345）
用户输入包含"患者ID是" + 数字（如：患者ID是12345）

API 接口

接口地址: https://kjcrmcs.tianyuxh.com:8107/task/agent_test/getPatientInfo
请求方法: GET
参数: patient_id (患者编号)

使用方式

1. 查询指定患者

当用户提供患者编号时，使用以下命令查询：

curl -s "https://kjcrmcs.tianyuxh.com:8107/task/agent_test/getPatientInfo?patient_id={患者编号}"

Comments

Loading comments...