The Agent Skills Directory

COMMAND_EXECUTION (SAFE): The skill uses the Bash tool to execute standard diagnostic commands cargo metadata and cargo tree. These are routine development tasks and do not involve system modification or remote script execution.
DATA_EXPOSURE (SAFE): The skill accesses Cargo.toml and project dependency information to perform its visual functions. No sensitive files such as SSH keys, cloud credentials, or environment variables are accessed.
INDIRECT_PROMPT_INJECTION (LOW): The skill possesses a surface for indirect prompt injection by processing external project data. Ingestion points: Dependency names and metadata are read from Cargo.toml and cargo output. Boundary markers: None are present to distinguish between project data and instructions. Capability inventory: The skill uses Bash for local command execution. Sanitization: No validation or escaping is performed on the ingested metadata before it is presented to the agent context.

rust-deps-visualizer