rust-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its automated analysis of external codebases.
  - Ingestion points: The script `scripts/main.cjs` uses `fs.readFileSync` to ingest the content of all `.rs` and `Cargo.toml` files found within a user-specified target directory.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the ingested file content as untrusted data or to disregard any embedded instructions within the source code.
  - Capability inventory: The skill explicitly grants the agent access to high-impact tools including `Bash`, `Write`, and `Edit`, which could be abused if an injection in a processed file successfully influences the agent's behavior.
  - Sanitization: There is no evidence of sanitization, validation, or filtering of the ingested source code content before it is passed to the agent for analysis.
- [COMMAND_EXECUTION]: The skill configuration in `SKILL.md` enables the `Bash` tool for the agent. While the provided Node.js scripts do not execute arbitrary shell commands directly, the availability of this tool to the agent increases the potential impact if the agent is manipulated via indirect injection from the files it analyzes.
Audit Metadata