unisound-pmh-missing-bp-glucose

Audited by ClawScan on May 16, 2026.

Overview

This skill appears to perform the advertised medical-record quality check, but it sends record-derived text to a HiVoice-compatible model endpoint and uses an API key.

Use this skill only with records that have already been de-identified and only if sending them to the configured HiVoice MaaS endpoint is approved. Protect the app key, avoid untrusted --base URLs, avoid --save-prepared for sensitive data unless needed, and review the external _shared/doc-preprocess dependency before using multi-format inputs.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

De-identified outpatient-record content may be sent to HiVoice MaaS or to another endpoint if the user overrides --base.

Why it was flagged

Record-derived prompt messages are POSTed to the configured OpenAI-compatible model endpoint. This is disclosed and central to the skill, but it means medical text leaves the local environment.

Skill content

url = f"{base.rstrip('/')}/chat/completions" ... payload = {"model": model, "messages": messages, "temperature": 0}

Recommendation

Use only approved model endpoints and de-identify records before running the skill.

What this means

An exposed app key could allow unauthorized use of the model service, especially if passed on a command line or used with an untrusted --base URL.

Why it was flagged

The user-supplied app key is used as a bearer credential for the configured model API. This is expected for the integration, but it is still credential handling.

Skill content

headers = {"Authorization": f"Bearer {appkey}"}

Recommendation

Keep the app key out of source control and logs, avoid untrusted base URLs, and rotate the key if it may have been exposed.

What this means

If --save-prepared is used, preprocessed medical-record text can remain on local disk.

Why it was flagged

The documentation states that input/intermediate data is not persisted, but also documents an opt-in debug flag that saves preprocessed text. This is disclosed, but the no-persistence statement has an important exception.

Skill content

No local persistence: input and intermediate results are not written to local persistent storage ... --save-prepared: save the preprocessed text for easier debugging.

Recommendation

Do not use --save-prepared with sensitive records unless local storage is approved, and delete prepared files when they are no longer needed.

What this means

PDF, Word, Excel, CSV, and JSON preprocessing depends on another local shared module that should be trusted and reviewed separately.

Why it was flagged

The multi-format entry point imports shared preprocessing code from outside the provided skill package. The dependency is documented, but that external component is not included in the supplied artifacts.

Skill content

_preprocess_dir = SKILLS_ROOT / "_shared" / "doc-preprocess" / "scripts" ... from preprocess import

Recommendation

Use the text-only entry point when possible, or verify the _shared/doc-preprocess component before using the multi-format runner.

What this means

Publisher and package provenance are less clear than they would be if all metadata matched.

Why it was flagged

The embedded metadata differs from the registry name/owner shown for the submitted skill, suggesting stale or repackaged metadata. The code purpose still appears coherent, so this is a provenance note rather than a behavioral concern.

Skill content

"ownerId": "kn76wejkeqxfc03j0rfxp2jaj982m7aa", "slug": "doctor.emr-qc.pmh-missing-bp-glucose", "publishedAt": 0

Recommendation

Confirm the publisher/source if provenance matters for medical or enterprise use.