ClawHub

PatSight-MolVision

v1.0.1

PatSight MolVision molecular image recognition: calls Patent Extractor API on 1-N structure images, returns SMILES/SDF and compute properties by rdkit. First...

0· 98·0 current·0 all-time
bywhb@snailwhb
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (uv, python), and the code all align: a Python script posts images to a Patent Extractor API and computes RDKit properties. There are no unrelated credentials or binaries requested.
Instruction Scope
SKILL.md and the script consistently instruct uploading images to the patent API and producing JSON/PNG outputs. Minor inconsistencies: examples and the script use additional env vars (PATSIGHT_TOKEN, PATSIGHT_BASE_URL, PATSIGHT_OPS_TOKEN_URL, PATSIGHT_OPS_VERIFY_URL) that are documented in the README/SKILL.md but only PATSIGHT_ACCOUNT and PATSIGHT_PASSWORD are listed as required; the token endpoints are on a different domain (xops.xtalpi.com) which is likely the OPS token service but should be verified by the user.
Install Mechanism
Instruction-only skill with a shipped Python script; no install spec or remote downloads. Dependencies (requests, Pillow, optional rdkit) are documented — no high-risk installers or external archives.
Credentials
The skill requests PatSight account/password (reasonable for obtaining an OPS token). It also supports using PATSIGHT_TOKEN and base URL overrides. Requesting account/password is proportionate, but users should prefer tokens when possible and verify the token issuance/verification endpoints (xops.xtalpi.com).
Persistence & Privilege
Does not request always:true, does not modify other skills or system settings. It writes outputs to a local outdir only, which is within expected behavior.
Assessment
This skill uploads user images to an external PatSight Patent Extractor API and requires PatSight credentials (or an OPS token). Before installing: 1) Confirm you trust https://patent.xinsight-ai.com and the OPS token service at https://xops.xtalpi.com (these two domains are both used by the script). 2) Prefer using a short-lived PATSIGHT_TOKEN instead of storing your account/password in environment variables or config; verify where tokens are created/stored. 3) Do not send images that contain confidential or proprietary information unless the external service's privacy/retention policy is acceptable. 4) Note minor docs issues (example JSON in SKILL.md has a stray missing quote, and additional env vars like PATSIGHT_TOKEN and PATSIGHT_BASE_URL are used but not listed as required) — these are operational/quality concerns, not evidence of malice. If you need higher assurance, request the service's privacy/security documentation or run the script in an isolated environment and inspect network traffic while authenticating.

Like a lobster shell, security has layers — review code before you run it.

latestvk9782tp2tvnms6p9gvp5r034b58364ts

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

https://patent.xinsight-ai.com/assets/logo-4-DizspTVJ.png Clawdis
Binsuv, python
EnvPATSIGHT_ACCOUNT, PATSIGHT_PASSWORD

Comments