unisound-medical-term-normalization
Review
Audited by ClawScan on May 15, 2026.
Overview
The skill appears purpose-aligned for normalizing medical records, but it sends sensitive clinical text to a disclosed model API and needs careful handling of records, API keys, and optional local saves.
Install only if you are allowed to send the medical text to the configured Hivoice model endpoint. De-identify patient records before use, protect the `--appkey`, avoid debug saves for real patient data, and have a qualified clinician review the normalized output.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
De-identified clinical text and the API credential are sent to the configured model provider, so that provider's access, logging, and retention practices matter.
The skill discloses that medical record text is sent to a model API using a bearer credential. This is central to the stated purpose, but it crosses a provider data boundary.
External API - internal medical large model: `https://maas-api.hivoice.cn/v1/chat/completions` ... the `--appkey` parameter must be passed for Bearer authentication
Use only de-identified records, verify that the endpoint is approved for your organization, avoid overriding the base URL unless intended, and confirm provider retention/privacy terms.
Anyone with the app key may be able to make calls to the associated model service or incur usage under that account.
The script requires a user-supplied API key for the model service. This is expected for the integration, but the registry metadata did not declare a primary credential.
parser.add_argument("--appkey", required=True, help="必须传入。内部医疗大模型鉴权 key,使用 Bearer 方式认证。")
Treat the app key as a secret, use a minimum-scope key where possible, avoid placing it in shared logs or prompts, and rotate it if exposed.
If enabled, prepared medical text may remain on disk after the run and could be read by others with access to that location.
The optional debug path writes the preprocessed medical text to disk. This is user-directed and disclosed, but it can persist sensitive clinical content locally.
if args.save_prepared:
    save_prepared(payload, args.output, input_path)
...
prepared_path.write_text(payload_to_prepared_text(payload), encoding="utf-8")
Do not use `--save-prepared` with identifiable patient data unless the directory is protected; delete debug files when no longer needed.
The behavior for parsing PDFs, documents, spreadsheets, and other files depends on the external shared preprocessor installed in the local skills tree.
The script imports preprocessing code from a shared directory outside this skill package. That dependency is disclosed and purpose-aligned, but its provenance/version is not visible in the supplied files.
PREPROCESS_DIR = SKILLS_ROOT / "_shared" / "doc-preprocess" / "scripts" ... from preprocess import PreprocessError, SUPPORTED_FILE_TYPES, detect_input_type, load_input_artifact
Install `_shared/doc-preprocess` only from a trusted source and keep it reviewed/updated, especially when processing sensitive documents.
