ClawHub

Pharmaclaw Alphafold Agent

v1.0.0

Compliant AlphaFold Agent for protein structure retrieval, ESMFold prediction, binding site detection, and RDKit ligand docking. Fetches public PDB/AlphaFold...

0· 287·3 current·3 all-time
by@cheminem
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (structure retrieval, ESMFold prediction, binding site detection, RDKit docking) matches the code and dependencies (requests, biopython, RDKit). However ESMFold prediction is explicitly mocked in the script (predict_esmfold writes a placeholder PDB) rather than invoking HuggingFace/ESMFold; docking and pocket detection are simplified/mocked. This is coherent for a demo but not a full production implementation.
Instruction Scope
SKILL.md and the script instruct the agent to fetch public PDBs (RCSB), optionally read a FASTA file, run a local mock prediction, detect pockets and run an RDKit-based docking/emedding. The script writes files locally and performs HTTP requests only to legitimate public endpoints (RCSB and AlphaFold EBI). It does not read or exfiltrate unrelated system files or request credentials.
Install Mechanism
No install spec is provided (instruction-only skill with one included script). That lowers installation risk; packages listed (rdkit-pypi, biopython, requests) are consistent with functionality. No arbitrary downloads or extract/install steps are present.
Credentials
The skill declares no required environment variables, no credentials, and requests no config paths. The runtime code also does not read environment variables or secrets.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system-wide settings. It runs as a one-off script that reads/writes local files.
Assessment
This skill appears to do what it says and does not request credentials or hidden endpoints, but treat it as a proof-of-concept/demo: ESMFold prediction is mocked, binding-site detection and docking are simplistic, and the script contains runtime bugs (missing Draw import, minimal error handling). If you plan to use it in production, review and fix the code, add input validation and HTTP/response checks, replace mocks with real ESMFold/fpocket/Vina components, and run it in an isolated/sandbox environment. As with any third-party script from an unknown source, inspect the code and test on non-sensitive systems before trusting it with important data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bt1ja6mfz5rttvfdsby5sz182qswd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments