Skillv0.1.0

ClawScan security

Admet Prediction · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousFeb 17, 2026, 5:05 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill generally matches an ADMET prediction tool that runs locally with RDKit, but there are inconsistencies (references to missing files and extra/declarative dependencies) and some minor quality issues that warrant caution before installing or using it.
Guidance: What to consider before installing/using this skill: - Provenance: the skill owner and homepage are unknown. Prefer code from known sources for safety and reproducibility. - Missing files: SKILL.md references scripts/admet_filter.py and reference/pk-models.md which are not in the manifest; verify whether those are required and obtain them if needed. - Dependencies: the code requires RDKit; installing RDKit can be non-trivial and platform-dependent. Optional packages (deepchem, admet-x, admet-models) are listed but may not be needed — confirm which are actually used. - Inspect full scripts: before running, scan scripts/admet_predict.py for any network calls, subprocess execution, or filesystem writes outside expected output files. The visible portion uses RDKit only, but verify the remainder of the file. - Sandbox/testing: run the code in an isolated environment (container/VM) with non-sensitive inputs first to confirm behavior and outputs. - Data sensitivity: this skill handles chemical structures and predictions; if you plan to analyze proprietary molecules, confirm there are no hidden telemetry or upload steps and keep data local. - Reproducibility & validation: models are approximate — validate predictions experimentally before relying on them for decisions. If you want, I can: (1) search the remaining part of the script for network or shell calls, (2) check for any other missing referenced files, or (3) produce a short checklist / commands to safely run this skill in a sandbox.

Review Dimensions

Purpose & Capability: noteThe name, description, SKILL.md and the included scripts all point to local ADMET/pk/toxicity prediction using RDKit and QSAR models — this is coherent. Declared dependencies (rdkit, admet-models) and the pip suggestions (deepchem, admet-x) are plausible for advanced models, though the code shown imports only RDKit. Overall functional requirements align with purpose, but the manifest/instructions reference extra model packages that are not used in the visible code.
Instruction Scope: concernSKILL.md instructs the agent to run local prediction scripts (python scripts/admet_predict.py) and shows sensible flags for SMILES and libraries. However SKILL.md also references scripts/admet_filter.py and reference/pk-models.md which are not present in the file manifest — instructions therefore point to non-existent files. The instructions do not request any unrelated system files, credentials, or external endpoints, which is good, but missing referenced artifacts could cause confusing behavior or failure.
Install Mechanism: okThere is no install spec (instruction-only + included scripts). That minimizes automatic installation risk. The SKILL.md suggests pip-installing RDKit and optional packages; these are standard public packages. No downloaded archives, remote execution URLs, or unusual installers are present in the manifest.
Credentials: okThe skill requests no environment variables, no credentials, and no special config paths. The local nature of RDKit-based chemistry processing is proportionate to the claimed functionality.
Persistence & Privilege: okThe skill does not request persistent/system-level privileges, always:false, and has no install hooks in the package metadata. It does not appear to modify other skills or global agent config based on provided files. Autonomous invocation is allowed by platform defaults but is not combined with other high-risk characteristics here.