Professional multi-turn medical consultation for pets (cats, dogs, and exotic pets)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: it sends pet health questions and optional images to the VetMew API using the user's VetMew credentials, with no evidence of hidden exfiltration or destructive behavior.

Install only if you trust VetMew with the pet health information, images, and API token you provide. Use it for guidance, but seek in-person veterinary care for emergencies or serious symptoms.

VirusTotal

64/64 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

The skill can act against the user's VetMew API account and may consume account quota or fail if the credential is wrong.

Why it was flagged

The skill requires a VetMew API key and secret. This credential use is expected for the stated VetMew integration, and the code uses it to sign requests to the VetMew API.

Skill content
This skill requires the environment variable `VETMEW_AUTH_TOKEN` to be injected (format: `API_KEY:API_SECRET`)
Recommendation

Use a dedicated VetMew API token if possible, avoid sharing the token in chat, and rotate it if it is exposed.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Pet names, symptoms, health context, and optional image data or image URLs may be sent to VetMew for analysis.

Why it was flagged

The client sends signed requests to VetMew's external API endpoint. This is disclosed and purpose-aligned, but user-provided pet health details and optional images leave the local environment.

Skill content
self.base_url = "https://platformx.vetmew.com"
Recommendation

Only provide information and images you are comfortable sending to VetMew, and avoid including unrelated personal or sensitive data.

ASI06: Memory and Context Poisoning
Low
What this means

Future calls may continue the same VetMew conversation, which can include earlier pet-health context.

Why it was flagged

The skill instructs the agent to persist conversation IDs for reuse across turns. The persistence is scoped by consultation type, but it still preserves access to prior provider-side conversation context.

Skill content
The agent **must** maintain separate session slots to isolate different types of conversations. Persist the ID to the corresponding platform variable
Recommendation

Reset the relevant session variable when switching pets, users, or consultation topics.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

A future install could receive newer dependency versions than those originally tested.

Why it was flagged

The Python dependencies are not version-pinned. They are common packages and proportionate to the API-client purpose, but unpinned dependencies can change over time.

Skill content
requests
python-dotenv
Recommendation

Prefer installing in an isolated environment and consider pinning reviewed dependency versions for reproducibility.