Skillv2.0.0

ClawScan security

RxnIM · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 21, 2026, 1:14 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: The skill’s instructions, endpoints, and optional local-install steps are coherent with a reaction-image-parsing purpose, but it relies on a third-party HuggingFace Space and large external model downloads — review data privacy and the external repo before using.
Guidance: Before installing or invoking this skill, consider the following: - Data privacy: The default recommended path posts images to a specific third-party HuggingFace Space (CYF200127-RxnIM). If your images contain proprietary reactions, IP, or sensitive metadata, do not upload them to that external service without confirming the space owner’s data retention and privacy policies. - Verify sources: If you plan local deployment, inspect the GitHub repo and HuggingFace model/dataset pages (owner identity, recent commits, issues). Prefer checksums/signatures for large model downloads. - Validate outputs: The model can hallucinate or produce invalid SMILES; use RDKit or other validators (as suggested) before relying on results for downstream decisions. - Resource needs: Local deployment requires large GPU memory (~16GB+), CUDA, and substantial disk space for weights — ensure your environment can support that. - Chaining and sharing: The skill suggests passing results to other skills or corporate docs. Confirm permissions and privacy implications of those downstream services. - Dual‑use / safety: Extracting reaction conditions and SMILES can expose actionable synthesis information; treat outputs as potentially sensitive and follow your organization’s chemical safety and IP policies. If you need to use this skill with sensitive data, prefer local inference (after verifying repo and model), or request that the skill be configured to a trusted, auditable inference endpoint under your control.

Review Dimensions

Purpose & Capability: okName/description match the instructions: all runtime steps (base64 images, POST to a HuggingFace Space, optional local conda deploy and model weights) are directly relevant to extracting SMILES and reaction conditions. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope: noteRuntime instructions stay within the stated purpose (encode image → call HF space → parse result → format). However, the recommended default is a specific third‑party HuggingFace Space (https://CYF200127-RxnIM.hf.space) — uploading images there may expose sensitive/ proprietary chemical structures or metadata to that space's owner. The skill also suggests chaining outputs to other skills and uploading results to corporate document services, which increases data-sharing scope and should be considered by the user.
Install Mechanism: noteThis is instruction-only (no install spec), which is low-risk. Local-deploy instructions reference cloning a GitHub repo and downloading ~14 GB model weights from HuggingFace — those are standard hosts, but large external artifacts should be verified (checksums, repo owner) before execution. No obscure or shortener URLs are used.
Credentials: okNo environment variables, secrets, or system config paths are requested. Optional dependencies (RDKit, CUDA, torch, etc.) are appropriate for a local ML inference workload.
Persistence & Privilege: okSkill does not request always:true and contains no instructions to modify other skills or system-wide agent settings. Autonomous invocation remains possible (platform default) but is not combined with additional privileges.