Cms Tbs Training

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches a TBS training API wrapper, but it tells the agent to force-install an external auth skill automatically and can use account tokens for remote state-changing actions.

Install only if you trust the TBS/GPTS domains and the separate `cms-auth-skills` dependency. Prefer installing and reviewing that dependency yourself instead of allowing automatic `--force` installs, and confirm any operation that changes remote state such as clearing caches, resetting scene images, saving progress, uploading files by URL, or finishing/submitting training records.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing this skill could cause the agent to modify its installed skill set and rely on unreviewed or updated external auth code that handles user authentication.

Why it was flagged

The skill tells the agent to automatically fetch and force-install an external auth skill, including an unpinned GitHub fallback, before continuing authenticated work.

Skill content
If it is not installed, first run `npx clawhub@latest install cms-auth-skills --force` ... then run `npx clawhub@latest install https://github.com/spzwin/cms-auth-skills.git --force`
Recommendation

Pin and declare the auth dependency in installation metadata, avoid `--force`, remove automatic fallback installs, and require explicit user approval before installing or replacing any dependency.

What this means

Authenticated API calls may access or change TBS training data under the user's account.

Why it was flagged

The skill expects account tokens and identity headers for GPTS/TBS operations. This is consistent with the platform integration, but users should notice the credential authority involved.

Skill content
export XG_USER_TOKEN="your-access-token" ... export XG_CORP_ID="your-corpId" ... export XG_EMPLOYEE_ID="your-employeeId" ... export XG_PERSON_ID="your-personId"
Recommendation

Use a least-privilege account/token where possible, confirm the `cms-auth-skills` dependency is trusted, and avoid sharing tokens in chat or logs.

What this means

A mistaken or under-specified request could change shared platform state, such as clearing cached guidance for more users than intended.

Why it was flagged

The skill documents a DELETE operation that can clear cached guidance for all doctors in a scene if an optional parameter is omitted. This is disclosed, but it is a broader remote mutation than a simple query.

Skill content
`doctorId` | integer | No | Doctor ID (if omitted, the cache for all doctors in this scene is cleared)
Recommendation

Require explicit confirmation for destructive or broad operations, and prefer fully scoped parameters such as `doctorId` when available.

What this means

Training dialogue, answers, and related session data may be transmitted to the TBS/GPTS service.

Why it was flagged

The skill sends user dialogue content and session context to a disclosed GPTS SSE endpoint. This is central to the training feature, but it is still a sensitive provider data flow.

Skill content
POST https://sg-al-cwork-web.mediportal.com.cn/gpts/sseClient/ai/suggest ... "content": "用户回答内容", "msgList": [], "appId": "应用ID"
Recommendation

Do not enter confidential personal, customer, or regulated information unless the TBS/GPTS service is approved for that data.