mathematician
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
leanandlakecommand-line interfaces to check mathematical proofs and manage project builds. These operations are limited to the skill's mathematical reasoning functions.\n- [COMMAND_EXECUTION]: Executes a local environment check script,scripts/check_lean.sh, which verifies the installation of required Lean tools. This script is a local vendor resource.\n- [EXTERNAL_DOWNLOADS]: Uses the Lake build tool which may download the standardmathliblibrary from its official repository when project initialization requires advanced mathematical lemmas.\n- [PROMPT_INJECTION]: Contains an attack surface for indirect prompt injection through the parsing of user-provided mathematical claims.\n - Ingestion points: Mathematical claims, lemmas, and proofs provided by the user in
SKILL.md.\n - Boundary markers: Absent; the skill does not explicitly use delimiters to isolate user-provided math from the agent's internal logic.\n
- Capability inventory: Ability to execute shell commands via
leanandlakebinaries.\n - Sanitization: None; input is parsed directly into the mathematical analysis workflow.
Audit Metadata