unisound-pe-hpi-inconsistent
ReviewAudited by ClawScan on May 16, 2026.
Overview
The skill appears purpose-aligned for medical-record quality checking, but users should notice that it sends record excerpts to a HiVoice model API, requires an app key, and relies on an external preprocessing helper for multi-format files.
Before using this skill, confirm that the medical records are de-identified, the HiVoice MaaS endpoint is approved for your data, the app key is handled securely, and the `_shared/doc-preprocess` helper is trusted if you use multi-format input.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Medical-record excerpts may leave the local environment and be processed by the configured HiVoice MaaS endpoint.
The skill clearly discloses that medical-record content is sent to a provider API for the QC decision. This is purpose-aligned, but it is a sensitive data flow.
调用 **HiVoice MaaS** 医疗大模型(OpenAI 兼容 `chat/completions`)... 外部 API - 医疗大模型:`https://maas-api.hivoice.cn/v1/chat/completions`
Use only approved, de-identified records; verify the API endpoint and any organizational data-processing agreement before use.
Users must supply and protect an API key for the model provider.
The skill requires a provider authentication key. This is expected for the disclosed LLM integration, but the registry metadata lists no primary credential.
`--appkey STRING`:**必填**。调用内部医疗大模型的鉴权 key,由平台分配;**不得写入仓库**。
Do not commit the app key, avoid sharing commands containing it, and do not override the base URL unless it is trusted.
Using `scripts/run.py` for pdf/doc/docx/xls/xlsx/csv/json inputs depends on local code not included in this package review.
The multi-format entry point imports a shared preprocessing module outside the included skill files, so that helper's behavior is not reviewable from the supplied artifacts.
_preprocess_dir = SKILLS_ROOT / "_shared" / "doc-preprocess" / "scripts" ... from preprocess import ...
Verify the `_shared/doc-preprocess` helper is trusted and unchanged, or use the simpler text-only entry point when possible.
If `--save-prepared` is used, a copy of the medical-record text may remain in the runs directory after the task finishes.
When the debug flag is enabled, the preprocessed record text is written to disk. This is user-directed and documented, but it can persist sensitive medical text locally.
if args.save_prepared: ... prep_path.write_text(record_text, encoding="utf-8")
Avoid `--save-prepared` for sensitive records unless the directory is protected, and delete the file when no longer needed.