Pharmaclaw Cheminformatics
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is coherently focused on cheminformatics and shows no evidence of hidden network access, credential use, destructive behavior, or persistence, though it can run local Python tools that read/write chosen molecule files and depends on external chemistry packages.
This skill appears safe to review as a local cheminformatics toolkit. Before installing or using it, verify any Python dependencies such as RDKit from trusted sources, run it in a project environment, and provide only molecule files and output paths you are comfortable letting the agent read or write.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with an unsafe output path, the tool could overwrite or create local files in places the user did not intend.
The script supports writing generated molecular structures to a caller-supplied output path. This is expected for conformer generation, but users should avoid overwriting important files or using protected directories.
parser.add_argument("--output", type=str, default=None, help="Output SDF file path")Use explicit project-specific output directories and review file paths before asking the agent to generate molecule files.
A user may need to install additional Python packages, and package source/version choices affect reliability and supply-chain trust.
The code expects an external RDKit package, while the registry provides no install spec or pinned dependency. This is a normal dependency for cheminformatics, but dependency installation is left to the user.
print(json.dumps({"error": "RDKit not installed. pip install rdkit-pypi"}))Install RDKit and related packages from trusted package indexes or environment managers, preferably with pinned versions in an isolated environment.