rust-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill acts as a reference handbook for idiomatic Rust programming. Its primary purpose is to provide context and instructions for code review and refactoring tasks.
- [EXTERNAL_DOWNLOADS]: The documentation references well-known utilities such as clippy, flamegraph, and cargo-insta. These tools are standard in the Rust ecosystem and are fetched from official sources like the Rust toolchain and crates.io.
- [COMMAND_EXECUTION]: The skill is granted permission to use standard Rust development tools (cargo, rustc, rustfmt, clippy) through the Bash tool. These are used for linting, building, and formatting code, which is essential for the skill's stated purpose.
- [PROMPT_INJECTION]: The skill presents a surface area for indirect prompt injection as it is intended to process and refactor user-provided Rust source code.
  - Ingestion points: The agent is instructed to use this skill when reviewing or refactoring existing Rust code (SKILL.md).
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the reference materials.
  - Capability inventory: The skill has access to file system operations (Read, Write, Edit, Glob, Grep) and the Rust compiler toolchain (Bash commands).
  - Sanitization: There are no specific sanitization or validation steps provided for external code inputs; the skill relies on standard platform guardrails.
Audit Metadata