Trust Assessment
Rust Core Specialist received a trust score of 78/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Agent instructed to execute shell script" and "Unpinned dependencies in build script".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 78ae406e). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Agent instructed to execute shell script: The skill explicitly instructs the agent to use `scripts/init_project.sh`, which is a shell script containing `bash` commands. This grants the agent the capability to execute arbitrary shell commands on the host system. While the provided script is currently benign, this capability represents a significant security risk. An attacker could potentially modify the script or prompt the agent to execute other malicious commands, leading to command injection, data exfiltration, or system compromise. Re-evaluate the necessity of direct shell script execution. If unavoidable, ensure scripts are minimal, strictly controlled, and do not accept untrusted input. Consider sandboxing the execution environment or using a more constrained API for specific operations instead of direct shell access. | Static | SKILL.md:10 |
| MEDIUM | Unpinned dependencies in build script: The `scripts/init_project.sh` script uses `cargo add` commands without specifying exact versions for dependencies (e.g., `tokio`, `anyhow`, `serde`). This means the latest available version will always be pulled. This introduces a supply chain risk, as new versions could introduce breaking changes, vulnerabilities, or even malicious code if a package maintainer's account is compromised or a package is hijacked. Without pinned versions, reproducibility and security auditing become more challenging. Pin all dependencies to specific versions (e.g., `cargo add tokio@1.x.x`). Regularly review and update dependencies to mitigate known vulnerabilities, but do so in a controlled manner after security checks. Consider using a dependency lock file (`Cargo.lock` is generated by `cargo build` or `cargo update`) and ensuring it's committed and respected. | Static | scripts/init_project.sh:9 |