rust-analyzer-lsp
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The documentation suggests executing commands such as
cargo build,cargo run, andcargo test. These operations involve an inherent risk of executing arbitrary code if the target Rust project is untrusted, specifically through maliciousbuild.rsscripts or compromised test cases. - [COMMAND_EXECUTION]: The skill contains installation instructions for Linux package managers that utilize
sudo(e.g.,sudo apt install rust-analyzer). An automated agent following these instructions would be performing privilege escalation. - [NO_CODE]: The skill does not contain any executable scripts (e.g., Python or Bash files). It is comprised entirely of Markdown instructions and metadata, reducing the risk of direct malicious code execution from the skill itself.
- [COMMAND_EXECUTION]: Indirect Prompt Injection Surface Analysis:
- Ingestion points: The agent reads Rust source code (
.rsfiles) and project configuration (Cargo.toml) from the local environment. - Boundary markers: None are defined; instructions do not advise the agent to ignore embedded commands in project files.
- Capability inventory: The skill encourages the use of
cargocommands which spawn subprocesses capable of running arbitrary code defined in the project structure. - Sanitization: There is no mention of sanitizing or validating project files before execution.
Audit Metadata