Serde Code Review
v1.0.0Reviews serde serialization code for derive patterns, enum representations, custom implementations, and common serialization bugs. Use when reviewing Rust co...
⭐ 0· 53·0 current·0 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name and description match the instructions: the workflow focuses on Cargo.toml, derive usage, enum representations, field attributes, and round-trip tests — all expected for a serde code-review helper. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
The SKILL.md gives concrete, scoped review steps and a clear report format. The only unusual item is the final line: "Load and follow beagle-rust:review-verification-protocol before reporting any issue." That reference is ambiguous (it may point to an internal process/skill) but the rest of the instructions do not ask the agent to read arbitrary system files or exfiltrate data. If the referenced protocol causes additional network calls or other skill invocations, that could expand scope — the SKILL.md itself does not include those steps.
Install Mechanism
There is no install spec and no code files to install. As an instruction-only skill, it writes nothing to disk and does not pull external packages — this is the lowest-risk pattern.
Credentials
The skill declares no required environment variables, credentials, or config paths. The checks it performs (Cargo.toml, source files) are proportional to a code-review task.
Persistence & Privilege
The skill is not always-enabled and does not request persistent presence or elevated privileges. It does not attempt to modify other skills or system settings.
Assessment
This skill appears coherent and low-risk: it is an instruction-only serde code-review checklist that asks for no secrets or installs. Before using it, confirm what your agent will do when it follows the instruction to "Load and follow beagle-rust:review-verification-protocol" — if that triggers additional skill invocations or network calls you should review what that protocol does. Also avoid sending highly sensitive production secrets or private keys into any automated review; review the results before acting on suggested code changes. If you want to limit risk further, disable autonomous skill invocation for agents that will run untrusted code-review instructions.Like a lobster shell, security has layers — review code before you run it.
latestvk9752j7fwhwrbvc9pwm66pq5rn83q688
License
MIT-0
Free to use, modify, and redistribute. No attribution required.