cargo-llvm-cov
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for using
cargo-llvm-cov, a well-known and reputable open-source tool within the Rust ecosystem for generating code coverage reports. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install tools via official package managers (
cargo install,rustup component add) and references well-known GitHub Actions (such asdtolnay/rust-toolchainandtaiki-e/install-action) for CI integration. These sources are established and standard for Rust development. - [CREDENTIALS_UNSAFE]: The provided CI configuration examples correctly use environment variables and secrets placeholders (e.g.,
${{ secrets.CODECOV_TOKEN }}) for authentication with external services like Codecov and Coveralls, adhering to secure secret management practices. - [COMMAND_EXECUTION]: The commands described are restricted to the intended purpose of the skill: running tests, generating coverage data, and formatting reports. No suspicious or unauthorized command execution patterns were detected.
Audit Metadata