medical-triage-booking

This skill appears to implement symptom triage, hospital/doctor matching, reminder time calculation, and route generation from an internal hospital CSV — that part is coherent. However consider these points before installing or using: - Credential handling: The code expects a BAIDU_MAP_AK environment variable but the skill metadata doesn't declare it. Additionally, a Baidu API key is hard-coded in baidu_route_link.py. Hard-coded keys may be leaked or belong to the publisher; avoid using production data with such keys and consider rotating/removing them. - Privacy of location data: Route/geocoding calls send addresses/coordinates to Baidu's APIs. If you use this feature, confirm you want the agent to transmit user-supplied location or hospital names to external services and verify compliance with local privacy/regulatory requirements. - Mismatched documentation vs. code: SKILL.md mentions IP-based geolocation and an Amap/jsapi skill, but the bundle does not implement IP lookup nor use Amap. Expect manual steps (ask user for location) or adjust the code/instructions to match. Test the skill in a sandbox to see what it actually does. - Clinical caution: The tool is an aid only. The references document notes CSV contains non-clinical 'laboratory' entries and the SKILL.md correctly instructs to avoid presenting diagnoses. Ensure messaging to users includes the explicit disclaimer that this is triage assistance, not medical advice. Recommendations: review and remove the embedded API key (or replace with a documented env var), update the skill metadata to declare BAIDU_MAP_AK if required, fix SKILL.md to match actual behavior (or implement IP geolocation if intended), and test network behavior to confirm no unexpected data exfiltration. If you will handle real patient data, validate privacy/legal compliance before enabling outbound map features.