axiom-verify
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the axiom-axle Python package via pip to provide CLI and library support for the service.
- [COMMAND_EXECUTION]: Utilizes the axle command-line interface and curl to interact with the Axiom API for Lean 4 proof verification. This creates a standard indirect prompt injection surface by processing Lean code provided by the user.
- Ingestion points: Lean source code read from local files (e.g., file.lean) specified by the user.
- Boundary markers: None; the skill is designed to process the full content of the file for verification.
- Capability inventory: Subprocess execution via Bash(axle *) and network requests via Bash(curl *).
- Sanitization: None; the skill relies on the remote Axle API to handle and validate the code within a controlled verification environment.
- [DATA_EXFILTRATION]: Transmits Lean source code and the AXLE_API_KEY to axle.axiommath.ai for processing. This behavior is documented and essential for the skill's primary function of cloud-based formal verification.
Audit Metadata