Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

lean4-theorem-proving

v0.1.0

Use when working with Lean 4 (.lean files), writing mathematical proofs, seeing "failed to synthesize instance" errors, managing sorry/axiom elimination, or...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description describe a Lean 4 theorem-proving assistant and the included reference docs align with that purpose. However, the SKILL.md repeatedly instructs running external developer tools (lake build, git apply, bash .claude/tools/lean4/*.sh, python scripts, LSP server, slash commands in 'Claude Code') yet the skill declares no required binaries, no install steps, and ships no scripts or binaries. That mismatch (instructions requiring Lean/tooling/scripts not present or declared) is disproportionate to the declared manifest and could cause surprises at runtime.
Instruction Scope
The runtime instructions tell the agent to compile (lake build), extract errors, run local scripts (e.g., .claude/tools/lean4/check_axioms.sh, scripts/parseLeanErrors.py, scripts/solverCascade.py), apply git patches, and optionally delegate to subagents. Those actions are coherent for an automated repair workflow, but they instruct filesystem and VCS operations (reading files, applying patches) and expect existing helper scripts/commands and LSP integration that are not included. Users should expect the agent to need repository access and the ability to run these commands if they enable the skill.
Install Mechanism
Instruction-only skill with no install spec or code files. This is low-install risk because nothing is downloaded or installed by the skill bundle itself. The higher operational risk comes from instructions that assume external tooling and scripts exist in the environment.
Credentials
The skill does not request environment variables, credentials, or config paths. That is proportional to its purpose. Note, however, the instructions implicitly require access to local tools (lake, git, bash, python) and possibly to Mathlib/remote search tools (leanfinder/loogle) which may in practice need network access or additional credentials depending on how they're implemented — none of that is declared.
Persistence & Privilege
always:false and no special persistence or cross-skill configuration modifications are requested. The skill does instruct the agent to run git apply and to modify project files as part of repair workflows; this is expected for an automated code-repair capability but does mean you should only enable it in trusted repositories and with appropriate backups.
What to consider before installing
This skill appears to be a well-documented Lean 4 assistant, but the runtime instructions assume many local tools, helper scripts, and slash-command integrations that the skill does not declare or include. Before installing or enabling it:
(1) verify you have the Lean toolchain (lake), git, bash, and python available;
(2) confirm the referenced helper scripts (e.g., .claude/tools/lean4/*.sh and scripts/*.py) exist in your environment or repository (the SKILL bundle does not provide them);
(3) be aware the repair workflow will read and modify files and run git apply patches, so run it only in repos you trust and back up work;
(4) if you expect this skill to run in an environment without the mentioned 'Claude Code' slash-command system or subagent framework, ask the author how those commands map to your environment; and
(5) ask the author to either declare required binaries/scripts in the manifest or bundle the helper scripts, so the skill's requirements match its instructions.

Like a lobster shell, security has layers — review code before you run it.
