Pharmaclaw Alphafold Agent

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill does not show credential theft or exfiltration, but it needs Review because it advertises real structure prediction and docking while the included code returns mock or fixed scientific outputs that may be passed to downstream agents.

Install only if you understand this appears to be a prototype: run it in a controlled workspace, pin and review dependencies, avoid proprietary targets in public queries, and do not rely on the mock prediction/docking outputs without independent validation.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user or downstream agent could treat placeholder structures, binding sites, or affinity values as real scientific results.

Why it was flagged

SKILL.md presents the skill as performing ESMFold prediction, binding-pocket detection, and docking, but the code shows placeholder/fixed outputs and a mock affinity calculation.

Skill content

'''ESMFold mock (HF transformers heavy; prod docker).''' ... sites.append({'res': 'G12', 'pocket_vol': 150}) ... score = -Descriptors.MolWt(ligand) * 0.05  # Mock affinity

Recommendation

Clearly label the skill as a demo/mock, or replace the placeholder code with validated ESMFold, pocket-detection, and docking workflows before using outputs for research decisions.

What this means

Incorrect placeholder results could propagate into later design or IP-analysis steps.

Why it was flagged

The skill is intended to pass its outputs to downstream agents, but the implementation can produce mock/fixed outputs without a documented validation or containment step.

Skill content

Feeds into: IP Expansion (novel binding modes), Catalyst Design (structure-guided synthesis)

Recommendation

Require explicit human review and validation before passing this skill's outputs to downstream pipeline agents.

What this means

Public services may see queried target identifiers, and output files will be created in the working directory.

Why it was flagged

The script calls public protein-structure services and writes downloaded PDB files locally, which is expected for the stated retrieval function.

Skill content

resp = requests.post(self.rcsb_url, json=query) ... f.write(requests.get(pdb_url).text)

Recommendation

Run it in a project workspace and avoid submitting proprietary target information to public services unless that is acceptable.

What this means

Users must choose and install dependency versions themselves, which can affect reproducibility and package provenance.

Why it was flagged

The skill depends on third-party Python packages, but the artifacts provide no pinned versions or install spec.

Skill content

Dependencies
- `rdkit-pypi`
- `biopython`
- `requests`

Recommendation

Use a reviewed environment or lockfile with pinned package versions before running the script.