counterexample-debugger
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill package is composed entirely of Markdown documentation files (
SKILL.mdand reference guides). It does not contain any executable scripts (Python, Node.js, Shell) or binaries. - [SAFE]: No network operations, external downloads, or remote code execution patterns were detected. The skill provides static reference material.
- [SAFE]: There are no hardcoded credentials, sensitive file path accesses, or attempts at persistence or privilege escalation.
- [PROMPT_INJECTION]: The skill includes instructions for the agent to process untrusted data (counterexample output from external tools like Nitpick or QuickChick). While this represents a surface for indirect prompt injection, the skill itself lacks any executable capabilities (no scripts or tools), which effectively mitigates the risk of such an injection causing harm.
- Ingestion points: Step 1 of the workflow involves receiving counterexample output and failed theorem statements from users.
- Boundary markers: The instructions do not define specific delimiters or guardrails for handling this input.
- Capability inventory: No executable capabilities are provided within the skill's files.
- Sanitization: No input sanitization or validation logic is defined.
Audit Metadata