Skills
skills/tumf/skills/rust-cli/Gen Agent Trust Hub

rust-cli

Fail

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The Makefile template in references/templates.md contains a target pre-commit-hooks that executes curl -LsSf https://github.com/j178/prek/releases/latest/download/prek-installer.sh | sh. This pattern is highly dangerous as it fetches and executes an arbitrary remote script without integrity verification, creating a direct path for remote code execution.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing cargo-release via cargo install in SKILL.md and provides a template in references/crates.md that lists several external dependencies.
  • [COMMAND_EXECUTION]: The SKILL.md and Makefile template include instructions for executing various system and development commands, such as cargo release, cargo publish, and prek install, which grant the agent significant control over the local execution environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 3, 2026, 09:47 PM