Trust Assessment
Rust Core Specialist received a trust score of 78/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are "Agent instructed to execute shell script" and "Unpinned dependencies in build script".
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, dependency_graph, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 78ae406e). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Agent instructed to execute shell script.** The skill explicitly instructs the agent to use `scripts/init_project.sh`, which is a shell script containing `bash` commands. This grants the agent the capability to execute arbitrary shell commands on the host system. While the provided script is currently benign, this capability represents a significant security risk. An attacker could potentially modify the script or prompt the agent to execute other malicious commands, leading to command injection, data exfiltration, or system compromise. Re-evaluate the necessity of direct shell script execution. If unavoidable, ensure scripts are minimal, strictly controlled, and do not accept untrusted input. Consider sandboxing the execution environment or using a more constrained API for specific operations instead of direct shell access. | Unknown | SKILL.md:10 |
| MEDIUM | **Unpinned dependencies in build script.** The `scripts/init_project.sh` uses `cargo add` commands without specifying exact versions for dependencies (e.g., `tokio`, `anyhow`, `serde`). This means the latest available version will always be pulled. This introduces a supply chain risk, as new versions could introduce breaking changes, vulnerabilities, or even malicious code if a package maintainer's account is compromised or a package is hijacked. Without pinned versions, reproducibility and security auditing become more challenging. Pin all dependencies to specific versions (e.g., `cargo add tokio@1.x.x`). Regularly review and update dependencies to mitigate known vulnerabilities, but do so in a controlled manner after security checks. Consider using a dependency lock file (`Cargo.lock` is generated by `cargo build` or `cargo update`) and ensuring it's committed and respected. | Unknown | scripts/init_project.sh:9 |