ClawHub

Pharmaclaw Tox Agent

v1.0.0

Toxicology Agent for pharma drug safety profiling from SMILES. Computes RDKit ADMET descriptors (logP, TPSA, MW, HBD, HBA, rotatable bonds), Lipinski Rule of...

0· 222·2 current·2 all-time
by@cheminem
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the SKILL.md and scripts/tox_agent.py perform RDKit descriptor calculations, Lipinski/Veber checks, QED, and simplified PAINS matching. Declared dependency (rdkit-pypi) is appropriate for the stated functionality and no unrelated credentials or binaries are requested.
Instruction Scope
The runtime instructions are narrowly scoped: run the provided Python script with a SMILES string. The SKILL.md does not instruct the agent to read unrelated files, access environment secrets, or call external network endpoints. The script only processes the input SMILES and returns a local JSON report.
Install Mechanism
No install spec is provided (instruction-only skill) which is low-risk. However, the declared dependency rdkit-pypi can be non-trivial to install (native/compiled components). The skill does not provide an automated install step—users must ensure RDKit is available in the runtime environment.
Credentials
No environment variables, credentials, or config paths are requested. The operations performed are local molecule analyses and do not require external secrets or system-level access.
Persistence & Privilege
always is false and the skill does not request persistent/system-level privileges. It does not modify other skills or system configuration.
Assessment
This skill appears internally consistent and implements what it claims: a small RDKit-based SMILES toxicology profiler. Before installing/running: (1) ensure RDKit (rdkit-pypi or a proper RDKit build) is available in an isolated environment — RDKit often requires compiled binaries; (2) be aware PAINS checking is a simplified/mock subset (SKILL.md notes this limitation), and the reported risk label is coarse ('Low' vs 'Medium/High'); (3) no network calls or secret access are present in the code, so there is no obvious exfiltration risk, but verify you run it in a controlled environment and review dependencies you install. If you need production-grade PAINS/QSAR/hERG or mutagenicity predictions, plan to replace the simplified implementations with validated models and a complete PAINS catalog.

Like a lobster shell, security has layers — review code before you run it.

latestvk97652mf9ktv6e3cn7jm5wvgcx82p455

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments