Coordinates specialized AI agents to design novel drug candidates with synthesis routes, inventory checks, ADMET/Tox evaluation, pharmacology scoring, and pa...
Security Analysis
medium confidenceThe skill broadly matches a drug-design coordinator but includes surprising behaviors (executing sibling-skill scripts, writing files into other skill directories, and web-scraping candidate molecules) that could expose proprietary structures or modify other skills — review before use.
The name/description (orchestrating chemistry, synthesis, inventory, ADMET, patent scouting) aligns with the included code and dependencies (RDKit, BS4, integration hooks). However the code reaches into sibling skill directories (e.g., skills/chemistry-query, skills/synth-notebook, skills/lab-inventory) via relative filesystem traversal — this is a non-obvious design choice that requires those other skills to be present and gives the skill access to other skill files. The presence of a venv/pyvenv.cfg file in the package but no install spec is also unexpected.
SKILL.md instructs running scripts/orchestrate.py and the script executes other skills' Python scripts (via subprocess.run), reads/writes files (creates temp, viz, and may write stock.csv into the lab-inventory directory), and performs web scraping (patents.google.com). The script will send candidate identifiers/SMILES to external sites for patent searches, which can leak proprietary molecular structures. It also creates/modifies files inside other skill directories (creating stock.csv if missing), which is scope creep and could corrupt or persist data outside the skill's own sandbox.
There is no install specification (instruction-only install), which is low risk. But a venv/pyvenv.cfg file is included in the package — odd for an instruction-only skill and suggests assumptions about environment or bundled virtualenv state. No external download URLs are used.
The skill declares no required credentials or env vars (good), but it performs outbound web requests (patent_scout.py uses requests to query patents.google.com) without warning. Sending candidate SMILES, names, or other search queries to external web endpoints can leak IP or sensitive data. The skill also executes other local skill scripts — if those scripts expect credentials or secrets, this skill could indirectly cause exposure. The skill's dependency list mentions beautifulsoup4 but does not explicitly list 'requests' (used in code), a minor mismatch.
always is false and the skill does not request elevated platform privileges. However it writes files into sibling skill directories (e.g., lab-inventory/stock.csv) and creates temp/viz folders in the working directory, which gives it a degree of persistent footprint across the workspace and could affect other skills' state. It does not modify agent configuration or request permanent inclusion.
Guidance
What to consider before installing: - Provenance: the owner and homepage are unknown. Prefer skills from verified/known sources when dealing with proprietary chemistry. - External network: this skill will send search terms (SMILES or names) to patents.google.com via patent_scout.py — do not run it on confidential molecules unless you accept that risk or block network access. - File access: it executes scripts from sibling skill directories and may create or overwrite files there (it will create a stock.csv in lab-inventory if missing). Ensure those other skills are trusted and you are okay with cross-skill file writes. - Review other skills: because it calls chemistry-query, synth-notebook, and lab-inventory scripts directly, inspect those repos/scripts to confirm they are safe and that calling them via subprocess is intended. - Environment assumptions: the package contains a venv config but no installer; confirm RDKit and other Python dependencies exist in your environment before running. - Recommended mitigations: run in an isolated sandbox, disable outbound network during patent-scout if you need confidentiality, back up or sandbox other skill directories to avoid unintended file writes, and review the code of the called sibling scripts. If you need help assessing the other skills (chemistry-query, synth-notebook, lab-inventory), gather their code and provenance and re-run an evaluation.
Latest Release
v1.0.0
Initial release of "drug-team" meta-skill for automated, multi-agent drug design: - Orchestrates a team of specialized agents for drug candidate generation, synthesis planning, ADMET/tox prediction, and patent analysis. - Supports design queries with chemical, safety, and novelty constraints. - Integrates skills: chemistry-query, synth-notebook, lab-inventory, and custom patent scouting. - Provides outputs including top candidate molecules, feasibility and novelty scores, and visualizations. - Automatically checks reagent inventory and estimates synthesis costs.
More by @Cheminem
Published by @Cheminem on ClawHub
