Skills
skills/rebyteai-template/rebyte-skills/axum-rust-template/Gen Agent Trust Hub

axum-rust-template

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [External Downloads] (MEDIUM): The skill clones a repository from https://github.com/Eng0AI/axum-rust-template.git. The 'Eng0AI' organization is not a recognized trusted source, making the downloaded content unverified.
  • [Command Execution] (HIGH): The skill instructions direct the agent to perform cargo build and cargo run on the newly cloned repository. Rust's build system can execute arbitrary code during compilation (e.g., in build.rs scripts), leading to Remote Code Execution if the repository is malicious.
  • [Command Execution] (MEDIUM): The setup process involves shell commands that manipulate the filesystem, including rm -rf .git and moving hidden files. While common for scaffolding, these commands are executed on content provided by an untrusted source.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:05 PM