rust-skills
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICAL (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (CRITICAL): The URLite automated scanner identified a confirmed malicious URL in 'main.rs' that matches a known blacklist entry. Per the severity guidelines, a confirmed detection on a file requires a CRITICAL rating.
- REMOTE_CODE_EXECUTION (CRITICAL): The presence of a malicious URL in a source file like 'main.rs' indicates a high risk of the skill being used to download and execute arbitrary scripts or second-stage payloads during the agent's operation or build process.
- PROMPT_INJECTION (SAFE): Extensive analysis of the 180 documentation files (e.g., 'anti-clone-excessive.md', 'async-bounded-channel.md') found no attempts to bypass safety filters or manipulate the AI agent's core instructions. All analyzed Markdown content appears to be standard, high-quality Rust development guidance.
- DATA_EXFILTRATION (SAFE): There were no detected patterns of sensitive file access (e.g., AWS keys, SSH credentials) or network-based exfiltration in the provided rule set.
- INDIRECT PROMPT INJECTION (LOW):
  - Ingestion points: 180 Markdown files within the 'rules/' directory.
  - Boundary markers: None present in the documentation files to separate instructions from example data.
  - Capability inventory: The skill provides instructions on using powerful crates and system operations including 'tokio::process', 'std::fs', and 'reqwest'.
  - Sanitization: No validation or sanitization logic is present within the documentation to prevent the AI from adopting unexpected behaviors if the files were poisoned.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata