Acorn Prover
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is mostly aligned with Acorn proof work, but its setup writes user-provided paths into a shell-sourced config file without safe quoting, which can execute unintended shell syntax from crafted path names.
Before installing, use simple trusted absolute paths for ACORN_LIB and ACORN_PROJECT, inspect skills/acorn-prover/config.env before sourcing it, and make sure the local acorn/mise/context7 tools you use are trusted. There is no evidence of exfiltration or destructive behavior, but the setup script should be hardened before use.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted or accidental path name could cause commands to run when the agent sources the generated config file.
The setup script writes user-provided directory paths directly into a shell config file as unquoted assignments. Because SKILL.md instructs the agent to source this config file, valid path names containing shell metacharacters such as '$()', ';', or newlines could be interpreted by the shell.
cat > "$CONFIG_FILE" <<EOF
ACORN_LIB=$ACORN_LIB
ACORN_PROJECT=$ACORN_PROJECT
USE_MISE=$USE_MISE
EOF
Escape or quote values when writing config.env, reject shell metacharacters and newlines in paths, or use a non-shell config format instead of sourcing user-controlled text.
If the local acorn or mise command is missing, outdated, or replaced by an untrusted binary, proof commands may fail or run unintended code.
The skill depends on local Acorn and optionally mise commands, while the provided metadata declares no required binaries or install spec. This is purpose-aligned, but users must ensure those tools come from trusted installations.
mise run acorn verify <filename>.ac
...
acorn --lib "$ACORN_LIB" verify <filename>.ac
Install Acorn and mise only from trusted sources, and consider declaring required binaries in the skill metadata.
Documentation lookups may be routed through an external MCP server if the user has that tool enabled.
The skill discloses optional use of an external MCP documentation source. This is aligned with getting Acorn docs, but users should be aware that MCP calls depend on the configured external tool boundary.
**Context7 docs**: Use `context7` MCP with `/acornprover/acorn` or `/acornprover/acornlib` for latest documentation
Use context7 only for documentation queries and avoid sending private proof content unless you intend to share it with that configured MCP service.
