unisound-chief-complaint-hpi-inconsistent
Review
Audited by ClawScan on May 16, 2026.
Overview
This skill is coherent for medical-record quality control, but it sends record text to an external HiVoice MaaS model and writes local outputs, so users should de-identify records and protect the app key.
Before installing, confirm that sending de-identified medical record text to HiVoice MaaS is allowed in your environment, keep the app key private, review or trust the shared document preprocessor if using non-text files, and avoid saving prepared text unless you have a secure storage and deletion process.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Medical record text may leave the local environment and be processed by the configured model provider.
The skill discloses that medical record content is sent to an external/provider LLM endpoint for analysis.
External API - medical LLM: `https://maas-api.hivoice.cn/v1/chat/completions` (POST, OpenAI-compatible format)
Use only an approved provider/base URL, de-identify records before submission, and confirm the provider’s retention and compliance requirements.
Anyone who obtains the app key may be able to use the configured model service under the user’s or organization’s access.
The skill uses a bearer app key to authenticate to the medical model service; this is expected for the integration but is still a credential.
headers = {"Authorization": f"Bearer {appkey}"}
Use a dedicated limited-scope key, avoid committing or sharing it, and rotate it if it may have been exposed.
Using the multi-format runner depends on external shared code that may read the input document before the QC step.
The multi-format entrypoint imports a shared preprocessing helper outside the provided skill files, so that helper’s behavior is not visible in the supplied artifacts.
_preprocess_dir = SKILLS_ROOT / "_shared" / "doc-preprocess" / "scripts" ... from preprocess import
Ensure `_shared/doc-preprocess` comes from a trusted source and review it, or use the text-only entrypoint if the shared preprocessor is unavailable or untrusted.
If enabled, a local file may contain the full prepared medical record text and could persist after the run.
The optional debug flag saves the preprocessed medical record text to disk, which can retain sensitive clinical content locally.
if args.save_prepared:
    ...
    prep_path.write_text(record_text, encoding="utf-8")
Avoid `--save-prepared` for identifiable records, store outputs only in approved secure locations, and delete temporary/debug files when no longer needed.
