Skills
skills/modra40/claude-codex-skills-directory/rust-senior-engineer/Gen Agent Trust Hub

rust-senior-engineer

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): Automated URLite scanner confirmed a blacklisted malicious URL in main.rs. While the file content was not provided for manual analysis, this detection is confirmed by the automated security scanner.
  • [CREDENTIALS_UNSAFE] (HIGH): The assets/github-ci.yml file contains hardcoded database credentials (postgres://test:test@localhost:5432/test) within the test and coverage job environments.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The project relies on unverified third-party GitHub Actions from non-trusted organizations (dtolnay, Swatinem, taiki-e, codecov) and performs external package installations from crates.io.
  • [COMMAND_EXECUTION] (LOW): The project performs multiple shell command executions during the CI/CD process for building and testing.
  • [PROMPT_INJECTION] (LOW): The code review guidelines establish a surface for processing untrusted code (PR diffs) without sanitization or boundary markers, creating a risk for indirect prompt injection. Evidence: Ingestion: references/code-review-guide.md; Boundaries: None; Capability: cargo in CI; Sanitization: None.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:07 PM