Skills
skills/mohitmishra786/low-level-dev-skills/rust-cross/Gen Agent Trust Hub

rust-cross

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill instructs users to install external tools cross and cargo-zigbuild using cargo install. These are industry-standard tools for the skill's stated purpose of cross-compilation.
  • [COMMAND_EXECUTION] (SAFE): Standard use of build commands including cargo build, cross build, and rustup target add. These operations are essential for the primary functionality of binary compilation.
  • [PROMPT_INJECTION] (LOW): This skill exhibits an indirect prompt injection surface (Category 8) because it interacts with project configuration files that could be manipulated to influence agent behavior during builds.
  • Ingestion points: Cargo.toml, Cross.toml, and .cargo/config.toml.
  • Boundary markers: Absent in instructions.
  • Capability inventory: cargo build, cross build, rustup, and apt-get (inside Docker context).
  • Sanitization: Not applied to project configuration content.
  • [SECURITY_SCANNER_ALERT] (SAFE): An automated scanner flagged main.rs for a blacklisted URL. Manual review of the main.rs snippet in SKILL.md reveals only standard, safe Rust no_std boilerplate with no URLs, indicating a likely false positive.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 21, 2026, 11:05 AM