rust
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- Remote Code Execution (HIGH): An automated scanner (URLite) flagged a blacklisted URL within the skill's 'main.rs' file (Detection ID: UR09BDF6D942948297-0200). This indicates a high risk of the skill connecting to malicious infrastructure.
- Command Execution (MEDIUM): The skill documentation and allowed-tools list include the 'Bash' tool and suggest running 'cargo build' and 'cargo test'. In the Rust ecosystem, these commands automatically execute procedural macros and 'build.rs' scripts. If the agent processes untrusted code, this leads to arbitrary code execution on the host.
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection due to its ingestion of external source code.
  - Ingestion points: Reads and edits Rust code via the 'Read', 'Glob', and 'Grep' tools (specified in the SKILL.md frontmatter).
  - Boundary markers: Lacks instructions or delimiters to ignore embedded prompts in code comments or strings.
  - Capability inventory: Possesses 'Bash' tool access for compilation and testing, and 'Write' and 'Edit' for file modification.
  - Sanitization: No sanitization of code or validation of build scripts is performed before execution.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata