rust-testing
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): Automated URLite scanning identified a malicious URL within the file 'main.rs'. The detection (ID: UR09BDF6D942948297-0200) indicates a confirmed match against a blacklist, representing a verified threat.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill's CI documentation and templates (e.g., 'ci-cargo-nextest.md', 'ci-coverage.md', 'ci-caching.md') recommend using external GitHub Actions from non-whitelisted sources (taiki-e, Swatinem, codecov). These actions download and execute binaries at runtime and are outside the scope of trusted organizations, posing a high risk of supply chain attack.
- [COMMAND_EXECUTION] (MEDIUM): Multiple instruction files provide complex shell commands and bash scripts for CI workflows that include downloading tools and piping data to shells. While presented as best practices, the reliance on untrusted external repositories for these tools creates a significant vulnerability surface.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata