ClawHub

Rust Project Setup

v1.0.1

Guidance for scaffolding new Rust projects. Use when: (1) starting a new Rust project or workspace, (2) configuring Cargo.toml best practices, (3) setting up...

0· 81·1 current·1 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Rust project setup, Cargo, CI, linting, workspaces) match the content of SKILL.md and the reference files. The skill requires no binaries, env vars, or installs, which is proportional for a documentation/instruction skill.
Instruction Scope
The runtime instructions are purely prescriptive (commands to run, Cargo.toml snippets, CI workflow examples) and stay within the scope of scaffolding and CI setup. Notes: the CI examples reference a GitHub Actions token (as an example) and recommend using actions like dtolnay/rust-toolchain; the MSRV example uses dtolnay/rust-toolchain@master (unpinned branch) which is less ideal than a stable tag — this is a best-practice concern rather than a direct incoherence. Also some edition-2024 migration lines (e.g., #[unsafe(no_mangle)]) appear to be incorrect or nonstandard Rust attribute syntax — those are accuracy issues, not evidence of malicious intent.
Install Mechanism
No install spec and no code files that would be written to disk. Instruction-only skills are the lowest-risk install mechanism and this skill uses none.
Credentials
The skill declares no required environment variables or credentials. The CI reference shows typical use of ${{ secrets.GITHUB_TOKEN }} for audit steps, which is normal for GitHub Actions and proportional to the described CI purpose.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills/system settings. It is user-invocable and does not request elevated privileges.
Assessment
This appears to be a coherent, documentation-only skill for scaffolding Rust projects and safe to read/install because it asks for nothing sensitive and writes no code. Before you copy/paste: (1) verify any CI GitHub Action references are pinned to trusted versions (avoid using @master in workflows); (2) test edition-2024 migration guidance in a disposable branch — a few attributes in the text look nonstandard and may be inaccurate; and (3) treat the examples as templates (they reference standard actions and tools like cargo-deny, cargo-audit, and Swatinem/rust-cache). If you rely on its CI examples, ensure your repo secrets and action pins follow your organization's security policy.

Like a lobster shell, security has layers — review code before you run it.

latestvk971pkykwhxdt9mx01dkrch59h84qy7b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments