ClawHub

Rust Code Review

v1.0.0

Reviews Rust code for ownership, borrowing, lifetime, error handling, trait design, unsafe usage, and common mistakes. Use when reviewing .rs files, checking...

0· 70·0 current·0 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (Rust code review for ownership, lifetimes, error handling, etc.) match the runtime instructions and the included reference documents. It reasonably asks the reviewer to inspect Cargo.toml, dependencies, workspace layout, and .rs files — all expected for this purpose.
Instruction Scope
The SKILL.md stays on-task: it instructs reading project files (Cargo.toml, source files) and using the provided checklists and reference docs. One vague line — "Load beagle-rust:review-verification-protocol before submitting findings" — references an external verification protocol or internal resource that is not included in the package; this is unclear but not obviously malicious. Otherwise the instructions do not request unrelated files, credentials, or exfiltration.
Install Mechanism
No install spec and no code files that execute on the host. Instruction-only skills pose the least install risk; nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no required environment variables, binaries, or credentials. The references and checklists don't rely on external secrets or unrelated services.
Persistence & Privilege
always:false and default agent invocation settings are used. The skill does not request persistent privileges or modifications to other skills or agent-wide settings.
Assessment
This is an instruction-only Rust review checklist that will read your repository files (Cargo.toml and .rs files) — expected for a code-review skill. There are no installs or secret requests. The only unclear item is the instruction to "Load beagle-rust:review-verification-protocol": verify in your agent environment what that reference resolves to (an internal doc, another skill, or an external endpoint) before allowing autonomous runs. If you prefer tight control, run the review interactively rather than letting the agent invoke the skill autonomously, and ensure the agent has permission only to the project directories you intend to share.

Like a lobster shell, security has layers — review code before you run it.

latestvk976qrdv3yh4hvjv17wxpzfrex83q5d7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments