rust-lsp
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation script (scripts/install.sh) downloads a custom Rust plugin from the author's own GitHub repository (https://github.com/fedemagnani/rust-lsp-plugin) using cargo install.
- [COMMAND_EXECUTION]: The scripts/install.sh script executes shell commands to manage Rust components (rustup component add) and install binaries (cargo install).
- [PROMPT_INJECTION]: The skill processes external Rust codebases through LSP tools, creating a surface for indirect prompt injection where malicious instructions could be embedded in code comments or strings. -- Ingestion points: hover, definitions, references, and workspace_symbols tools read file content from the workspace as described in SKILL.md. -- Boundary markers: No specific delimiters or safety warnings are provided for the agent when processing this untrusted data. -- Capability inventory: The skill has the ability to write to files (rename_symbol tool in SKILL.md applies edits to disk) and execute shell commands (scripts/install.sh). -- Sanitization: There is no evidence of sanitization or filtering applied to the code content before it is processed by the agent.
Audit Metadata