unisound-missing-tumor-name

Audited by ClawScan on May 16, 2026.

Overview

The skill appears to perform the advertised medical-record quality check, but it sends sensitive record text to a configured LLM service and requires careful handling of the app key and debug output.

Before installing or running, confirm that sending de-identified outpatient record text to HiVoice MaaS is allowed in your environment, provide the app key securely, do not override the base URL except to an approved endpoint, inspect the shared preprocessor if using multi-format input, and avoid `--save-prepared` for sensitive records.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Selected medical-record content is transmitted to the configured LLM provider and may be handled under that provider's controls.

Why it was flagged

The record-derived prompts are posted to a HiVoice chat-completions endpoint. This is disclosed and purpose-aligned, but the messages can contain sensitive medical history.

Skill content

DEFAULT_LLM_BASE = "https://maas-api.hivoice.cn/v1" ... url = f"{base.rstrip('/')}/chat/completions" ... payload = {"model": model, "messages": messages, "temperature": 0}

Recommendation

Use only de-identified records, keep the default/trusted base URL unless intentionally using another approved endpoint, and verify organizational approval for sending medical data.

What this means

Anyone who obtains the app key may be able to use the associated LLM service quota or access.

Why it was flagged

The skill needs a provider credential to call the medical LLM. This is expected for the integration and the docs warn not to commit it, but it remains a secret with account/API access.

Skill content

`--appkey STRING`: **required**. The authentication key for calling the internal medical LLM, assigned by the platform; **must not be written into the repository**.

Recommendation

Provide the app key only at runtime, avoid storing it in scripts or repositories, prefer a least-privilege/rotatable key, and rotate it if exposed.

What this means

If using `scripts/run.py` for PDF/Office/CSV/JSON inputs, behavior depends partly on an external shared helper not reviewed in these artifacts.

Why it was flagged

The multi-format entry point imports a shared preprocessor outside this skill's provided files. The dependency is disclosed in SKILL.md, but its implementation is not included in the reviewed manifest.

Skill content

_preprocess_dir = SKILLS_ROOT / "_shared" / "doc-preprocess" / "scripts" ... from preprocess import (PreprocessError, SUPPORTED_FILE_TYPES, detect_input_type, load_input_artifact)

Recommendation

Ensure `_shared/doc-preprocess` comes from a trusted source and review it before using the multi-format runner, or use the simpler text-only entry point.

What this means

If `--save-prepared` is used, a local copy of the prepared medical record text may remain on disk.

Why it was flagged

The documentation states a no-local-persistence privacy posture while also documenting an optional debug feature that saves prepared text. The option is user-directed, but it is an important exception for medical data.

Skill content

**No local persistence**: inputs and intermediate results are not written to local persistent storage ... `--save-prepared`: saves the preprocessed text to aid debugging.

Recommendation

Do not use `--save-prepared` with identifiable records; update documentation to clearly state that no-persistence applies only when debug saving is not enabled.