embedded-rust
Audited by Socket on Mar 4, 2026
1 alert found:
Malware

This skill is a documentation/instruction artifact for embedded Rust development and does not itself contain obfuscated or clearly malicious code. However, it contains high-risk supply-chain patterns: an unpinned curl | sh installer instruction and a .cargo runner that auto-executes probe-rs as part of builds. Those patterns materially increase risk because they cause remote code to be fetched and executed on the host and enable powerful device-flashing operations. The defmt logging and flashing workflows are appropriate for the stated purpose but can leak sensitive runtime data or produce real-world side effects if tooling or firmware is compromised.

Recommendation: avoid piped installers; prefer installing probe-rs via package managers or pinned release artifacts with checksum/signature verification, warn users about runner auto-execution, and document redaction of secrets from defmt logs.