rust-review
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides detailed and legitimate instructions for auditing Rust codebases. It covers critical areas such as ownership, lifetimes, unsafe code invariants, and concurrency safety using established Rust best practices.
- [COMMAND_EXECUTION]: The skill references the use of standard Rust utility tools like `cargo audit`, `cargo tree`, `cargo outdated`, and `cargo deny` for dependency management and security scanning. These are appropriate for the skill's stated purpose as a code review tool.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external Rust source code (`**/*.rs`), which constitutes a surface for indirect prompt injection where malicious instructions could be embedded in code comments or metadata. This is an inherent risk of code review automation.
  - Ingestion points: Ingests and analyzes all Rust source files in the project.
  - Boundary markers: None explicitly defined in the provided modules.
  - Capability inventory: Uses specialized analyzers and standard CLI tools to process code and dependencies.
  - Sanitization: Relies on the agent's core safety layers; no specific instruction-level sanitization is defined.