rust-router
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The metadata in 'SKILL.md' uses 'CRITICAL' and 'HIGHEST PRIORITY' markers to instruct the agent to override its default task-handling logic and use this skill for all Rust questions.
- [COMMAND_EXECUTION]: The integration file 'integrations/os-checker.md' suggests the execution of various CLI tools, including 'cargo audit', 'geiger', 'miri', 'rudra', and 'lockbud', based on user-provided intent.
- [PROMPT_INJECTION]: The skill processes untrusted user input for internal routing and tool selection without implementing sanitization or boundary markers.
  - Ingestion points: User-provided Rust questions and code snippets are parsed in 'SKILL.md' for intent and error routing.
  - Boundary markers: No delimiters or specific 'ignore embedded instructions' warnings are present to separate user input from routing logic.
  - Capability inventory: The skill suggests the execution of external audit tools as documented in 'integrations/os-checker.md'.
  - Sanitization: No evidence of input validation, escaping, or filtering is provided for the processing of user queries.