openmath-rocq-theorem
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is coherent for Rocq theorem proving, but it guides local build and opam dependency commands that users should run only in a trusted theorem workspace.
This skill appears safe for its stated Rocq theorem workflow. Before use, make sure rocq/coqc, dune, and opam are intentionally available, run it inside the intended theorem workspace, and review any project opam dependencies before installing them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run local build and verification commands in the theorem workspace, which can consume resources and affect local build artifacts.
The skill explicitly authorizes local command execution. This is expected for a Rocq build/proof workflow, but users should notice that it operates on their local environment.
side_effects: - Runs local Rocq, dune, and opam commands in the theorem workspace
Use it in a trusted theorem workspace and review commands before running them if the workspace content is unfamiliar.
Using this command may add or change packages in the local opam environment.
The workflow can install dependencies declared by the project into the active opam switch. That is normal for Rocq projects, but it depends on the trustworthiness of the project opam file and package sources.
If the project has an `opam` file, install missing dependencies before proving: ```bash opam install . --deps-only ```
Review the project opam file and use an isolated opam switch for unfamiliar theorem workspaces.