academic-prover

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill uses curl to interact with a local server at http://localhost:8081. This is the intended mechanism for accessing the prover tools and does not involve executing untrusted scripts from external sources.
  • [DATA_EXFILTRATION] (SAFE): All network activity is directed to the local host. No sensitive files are accessed, and no data is sent to external domains.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes proof code provided by the user. While this creates an ingestion surface, it is the primary function of the skill and is handled via a local service. Evidence:
      1. Ingestion points: code field in POST requests to /lean/check, /lean/run, /coq/check, and formula field for /z3/solve.
      2. Boundary markers: None present in instructions.
      3. Capability inventory: Shell-based curl execution.
      4. Sanitization: None mentioned in the skill documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 07:35 AM