rust-deps-visualizer
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill processes untrusted local project files. Evidence: 1. Ingestion: Cargo.toml and directory contents via Bash/Read. 2. Boundary markers: None present. 3. Capability inventory: Bash tool execution of cargo metadata/tree. 4. Sanitization: None.
- Command Execution (HIGH): The skill uses the Bash tool to run cargo commands on local directories. An attacker can achieve RCE by placing a malicious project with a build.rs script or procedural macro in the target directory, which cargo may execute during dependency resolution.
Recommendations
- AI detected serious security threats
Audit Metadata