soyoung-clinic-tools

The skill's description, SKILL.md and code implement appointment, project and doctor lookups using a Soyoung API and local workspace state — that aligns with the stated purpose. However the registry metadata at the top of the evaluation says "Required binaries: none" and "Required env vars: none," while the SKILL.md, per-subskill metadata, and scripts clearly require python3 and reference a primary env (SOYOUNG_CLINIC_API_KEY) or store the API key in workspace files. This mismatch between registry-declared requirements and the included files is inconsistent and worth verifying with the publisher.

Runtime instructions and scripts restrict network calls to the documented backend (DEFAULT_API_BASE_URL = https://skill.soyoung.com) and implement an approval flow, workspace-scoped state at ~/.openclaw/state/soyoung-clinic-tools, and local caching & static store lookup tables. They also inject bootstrap routing rules that forbid use of general web_search/curl/fetch for messages containing the brand term — this is consistent with trying to force the agent to use the skill, but it is a behavior that affects agent routing and model behavior and should be expected before installation. The SKILL.md and scripts do not appear to request unrelated system files or arbitrary credentials beyond the API key/workspace context.

No remote download/extract install spec is present; this is instruction+code bundle that relies on python3 and optional shell wrappers. There are no installer URLs or binaries fetched from arbitrary hosts. Risk from install mechanism is low.

The skill legitimately needs an API key for the Soyoung backend and stores it under ~/.openclaw/state/...; scripts also accept a fallback env SOYOUNG_CLINIC_API_KEY. That is proportional. However the registry summary at the top claimed no primary credential which contradicts embedded metadata and code. Confirm which is authoritative. The skill reads standard OpenClaw workspace environment variables (workspace keys/IDs) to resolve state — that is expected. No unrelated external credentials are requested.

The skill writes workspace-scoped state (api_key.txt, binding.json, pending approvals, audit logs) under ~/.openclaw/state/soyoung-clinic-tools and provides hooks to inject a virtual bootstrap file at agent:bootstrap. It does not set always:true. The bootstrap hook will influence agent routing (disabling certain tools for messages containing the brand) which is powerful but consistent with the skill's purpose; be aware installing/enabling the hook changes agent behavior globally for brand triggers.