rust-macros
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters. All content is educational and related to Rust macro development.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or network operations to non-whitelisted domains were detected. Local file access is limited to the skill's own configuration and structure validation.
- Obfuscation (SAFE): No Base64, zero-width characters, homoglyphs, or hex-encoded strings were found. All scripts and documentation are in plain text.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard Rust crates (syn, quote) and Python libraries (PyYAML) for legitimate purposes. There are no patterns of remote script execution or piped downloads.
- Privilege Escalation (SAFE): No commands involving sudo, chmod, or modification of system-level configurations were identified.
- Persistence Mechanisms (SAFE): No attempts to modify shell profiles, cron jobs, or startup services were found.
- Indirect Prompt Injection (SAFE): While the skill processes local configuration files, it uses safe loading practices (yaml.safe_load) and does not ingest untrusted data from external network sources.
- Dynamic Execution (SAFE): No use of eval(), exec(), or runtime compilation of untrusted strings. The validation script uses standard library functions for file system checks.
Audit Metadata