mathematician-ai-ml
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local bash scripts (check_lean.sh, init_aiml_workspace.sh) and Lean 4 binary tools (lean, lake) to manage projects and verify formal proofs. These operations are essential for the skill's stated mathematical verification functions.
- [EXTERNAL_DOWNLOADS]: The script init_aiml_workspace.sh performs downloads of the Lean 'mathlib' library and binary caches from official community repositories using the 'lake' package manager. These downloads originate from well-known sources in the formal verification community.
- [PROMPT_INJECTION]: The skill processes untrusted user data in the form of mathematical claims and research papers, presenting a surface for indirect prompt injection.
- Ingestion points: Mathematical claims and research papers provided in the user prompt (processed in SKILL.md and references/aiml-lean-workflow.md).
- Boundary markers: Absent; user-provided mathematical text is processed without explicit delimiters or 'ignore' instructions.
- Capability inventory: Execution of local scripts and Lean/Lake tools (scripts/check_lean.sh, scripts/init_aiml_workspace.sh, lean, lake) via shell.
- Sanitization: Absent; the skill does not validate or escape the contents of mathematical claims before processing.
Audit Metadata