rust-system-event-driven
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious instructions, prompt injections, or obfuscated contents were found. The skill serves as a static reference for developers and does not ship with any executable code.
- [Indirect Prompt Injection] (LOW): The skill provides patterns for sensitive operations such as file system access and subprocess management. While the documentation is safe, these patterns represent an attack surface if an AI agent applies them to untrusted data without proper sanitization.
- Ingestion points: User requests for code generation or refactoring based on this skill's rules.
- Boundary markers: Absent; the skill provides static documentation rather than prompt wrappers.
- Capability inventory:
tokio::process::Command(references/sig-child-reap.md, references/io-pipe-communication.md),tokio::fs(references/io-async-file-ops.md), andTcpStream(references/net-timeout-all-io.md). - Sanitization: Not applicable as the skill is a reference guide, though it correctly emphasizes safety in its internal code examples.
- [EXTERNAL_DOWNLOADS] (LOW): The README.md mentions the use of
pnpm installfor dependency management. No configuration files (e.g., package.json) were provided to evaluate specific packages, but the activity is consistent with the skill's stated purpose as a developer tool.
Audit Metadata