ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RxnIM

Parse chemical reaction images into machine-readable data (reactants, products, conditions) using the RxnIM multimodal LLM. Supports web API (Hugging Face Sp...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 121 · 0 current installs · 0 all-time installs
by@fqiangliu
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to provide a CLI (node scripts/rxnim.js) and instructs use of pip and Node, but the registry's required binaries list only python3 and curl — it does not declare 'node' or 'npm'. The skill bundle contains no code files, so it relies on an external RxnIM repository and model downloads; that reliance is not unreasonable for this capability but the mismatch between declared requirements and actual instructions is incoherent and could cause the agent to try executing commands that won't exist in the runtime.
!
Instruction Scope
SKILL.md instructs the agent/user to run pip install -r requirements.txt and node scripts/rxnim.js, to set RXNIM_MODE, RXNIM_MODEL_PATH, and RXNIM_API_URL, and to download large checkpoints/datasets from Hugging Face. However: (1) none of those environment variables are declared in the skill metadata, (2) no scripts or requirement files are included in the skill bundle, and (3) the instructions implicitly require access to local filesystem paths for model checkpoints. While these actions are consistent with running RxnIM locally, the instructions give the agent broad leeway to read local files and fetch large external artifacts without the skill explicitly declaring those dependencies.
Install Mechanism
This is an instruction-only skill (no install spec), which minimizes what gets written to disk by the skill itself. It points users/agents to download model checkpoints and datasets from Hugging Face (legitimate host). That download step is external and will write large archives to disk if followed; the SKILL.md does not include instructions for verifying integrity. No suspicious third-party or shortener URLs are used, but the references point at dataset/model zip files on Hugging Face rather than a packaged release — verify links before downloading.
!
Credentials
The registry lists no required environment variables, yet SKILL.md expects RXNIM_MODE, RXNIM_MODEL_PATH, and RXNIM_API_URL. Requiring a model path and an API URL is reasonable for this tool, but the skill should declare these in metadata so users can audit what the agent will access. The absence of declared env vars is an omission that reduces transparency and could hide unintended env access.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent installation or privileged agent-wide changes. Autonomous invocation is allowed (platform default) but not combined here with other high-risk flags, so no elevated persistence concerns identified.
What to consider before installing
This skill appears to implement a legitimate RxnIM workflow, but there are several inconsistencies you should resolve before installing or running it: - Verify the upstream repository: inspect https://github.com/CYF2000127/RxnIM yourself to confirm expected scripts (scripts/rxnim.js), requirements.txt, and model download URLs exist and are trustworthy. - Tooling mismatch: ensure your environment has node/npm as well as python3 if you plan to run the CLI; request that the skill metadata add 'node' to required binaries to match SKILL.md. - Environment variables: SKILL.md references RXNIM_MODE, RXNIM_MODEL_PATH, and RXNIM_API_URL but the skill metadata declares none — ask the publisher to declare these env vars (and never put secrets in them). Confirm RXNIM_MODEL_PATH points to a local file you trust. - Model downloads are large and external: prefer using the Web API mode (default) if you don't want to download a 7b model. If downloading, verify checksums from the upstream source before extraction. - No code included: because the skill bundle contains no scripts, running the provided commands will require you to clone/build the external repo; do not run unreviewed scripts as root or with elevated privileges. If you cannot verify the upstream repo and the download links, treat this skill as untrusted. Ask the publisher to update the skill metadata to list required binaries and env vars and/or provide the runtime code in the bundle so the instructions and requirements match.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97a0tn9a3nyjy5rmppfa7c93n82pws6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis
Binspython3, curl

SKILL.md

RxnIM Skill

Extract structured reaction data (SMILES, conditions) from chemical reaction images using the RxnIM model. RxnIM is a multimodal large language model designed for chemical reaction image parsing, achieving 84%-92% soft match F1 score on various benchmarks. It performs three tasks: reaction extraction, condition OCR, and role identification.

Features

  • Image input: PNG, JPG, etc.
  • Output: JSON with reactants, products, conditions (reagents, solvents, temperature, yield).
  • Two modes:
    1. Web API: Calls the Hugging Face Spaces demo (no local model needed).
    2. Local inference: Runs the full model locally (requires GPU and ~14 GB disk space).
  • Tasks supported:
    • Reaction extraction (SMILES of reactants and products)
    • Condition OCR (text extraction and role labeling)
    • Role identification (reagent, solvent, temperature, yield)

Background

RxnIM (Reaction Image Multimodal large language model) is the first multimodal LLM specifically designed to parse chemical reaction images into machine‑readable reaction data. It aligns task instructions with image features and uses an LLM‑based decoder to predict reaction components and conditions. The model is trained on a large‑scale synthetic dataset (Pistachio) and real ACS publications.

Key capabilities:

  • Extracts SMILES of reactants and products with high accuracy.
  • Interprets textual conditions (reagents, solvents, temperature, yield) and assigns roles.
  • Outputs structured JSON or formatted reaction strings. Performance: 84%–92% soft match F1 score on multiple test sets, outperforming previous methods.

##Quick Start Web API Mode (default) node scripts/rxnim.js --image /path/to/reaction.png

Local Mode First, download the model checkpoint (see RxnIM repository(https://github.com/CYF2000127/RxnIM)) and set the environment variable RXNIM_MODEL_PATH. export RXNIM_MODEL_PATH=/path/to/RxnIM-7b node scripts/rxnim.js --image /path/to/reaction.png --mode local

##Installation## Dependencies pip install -r requirements.txt

For local mode, additional dependencies are required (see RxnIM repository(https://github.com/CYF2000127/RxnIM)).

Model Download Web API: No download needed. Local mode: 1.Download the checkpoint from Hugging Face(https://huggingface.co/datasets/CYF200127/RxnIM/blob/main/RxnIM-7b.zip). 2.Extract and set RXNIM_MODEL_PATH.

##Usage## Command Line node scripts/rxnim.js --image <path> [--mode web|local] [--output json|text]

Output Example { "reactions": [ { "reactants": ["CC(C)(C)OC(=O)N[C@H]1C=CC@HC1"], "products": ["CC(C)(C)OC(=O)N[C@@H]1C[C@H]2C(=O)O[C@H]2[C@@H]1Br"], "conditions": { "reagents": ["Br2", "Pyridine"], "solvents": ["DME/H2O"], "temperature": "0-5°C", "yield": "68%" }, "full_reaction": "CC(C)(C)OC(=O)N[C@H]1C=CC@HC1>>CC(C)(C)OC(=O)N[C@@H]1C[C@H]2C(=O)O[C@H]2[C@@H]1Br | Br2, Pyridine[reagent], DME/H2O[solvent], 0-5°C[temperature], 68%[yield]" } ] }

Configuration Set environment variables: -RXNIM_MODE: web or local (default: web) -RXNIM_MODEL_PATH: Path to local model checkpoint (required for local mode) -RXNIM_API_URL: Custom Web API endpoint (default: Hugging Face Spaces)

Data Generation (Advanced) For training or generating synthetic reaction images, refer to the original RxnIM repository: 1.Datasets: -Synthetic: Pistachio(https://huggingface.co/datasets/CYF200127/RxnIM/blob/main/reaction_images.zip) -Real: ACS(https://huggingface.co/datasets/CYF200127/RxnIM/blob/main/reaction_images.zip)

2.Generation code: Located in data_generation/ directory of the repo. Requires original Pistachio dataset.

3.Model checkpoint: Download RxnIM-7b(https://huggingface.co/datasets/CYF200127/RxnIM/blob/main/RxnIM-7b.zip) for local inference.

##Limitations## -Web API: Rate‑limited, requires internet. -Local mode: Heavy resource requirements (GPU memory, disk space). -Accuracy: Depends on image quality and complexity.

##References## -RxnIM GitHub(https://github.com/CYF2000127/RxnIM) -Hugging Face Spaces Demo(https://huggingface.co/spaces/CYF200127/RxnIM) -Paper: Towards large‑scale chemical reaction image parsing via a multimodal large language model(https://doi.org/10.1039/D5SC04173B) -ChemEAGLE (multi‑agent extension)(https://github.com/CYF2000127/ChemEagle)

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…