ClawHub

Reagent Substitute Scout

v1.0.0

Find validated alternative reagents based on literature citation data.

0· 34·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the script queries literature and chemical DBs (PubMed, PubChem, ChEMBL), performs structure similarity (rdkit), and generates scored alternatives. Declared dependencies and the packaged script are appropriate for this purpose.
Instruction Scope
SKILL.md limits actions to running scripts/main.py, editing the skill config, and using public literature/chemical APIs. It does not instruct reading unrelated system files or accessing unrelated credentials. It documents config path (~/.config/...) for API keys.
Install Mechanism
No install spec — instruction-only with a single Python script and requirements.txt. No remote downloads or extract-from-URL steps; risk is limited to installing normal Python packages (rdkit is heavy but expected).
Credentials
The skill requests no environment variables or credentials by default. Config supports optional API keys for PubMed/Google Scholar; these are proportional to literature queries. Nothing asks for unrelated secrets.
Persistence & Privilege
always is false and the skill has no special persistence or system-wide configuration changes. It does not request elevated privileges or modify other skills.
Assessment
This skill appears coherent with its stated purpose, but take these practical precautions before running it: (1) Review scripts/main.py yourself (or run python -m py_compile) to confirm no unexpected behavior. (2) Run inside a virtualenv/container before installing dependencies (rdkit can be large). (3) Provide API keys only to trusted services; PubMed and PubChem endpoints shown are official, but 'google_scholar' support is often implemented via unofficial APIs or scraping — be cautious and prefer enabled=False unless you know the implementation. (4) The skill uses network calls to public APIs and may cache results under ~/.cache and read/write ~/.config/reagent-substitute-scout/config.json; if you store secrets, protect that file. (5) If you need stronger assurance, ask the maintainer for the remainder of main.py (the provided file was truncated in the package listing) and verify there are no hidden endpoints or telemetry.

Like a lobster shell, security has layers — review code before you run it.

latestvk97agqscyx4g5q0g3za6asddfx83zgev

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments