Cargo Toml Validator
Security checks across malware telemetry and agentic risk
Overview
This skill is a local Cargo.toml checking tool that reads a chosen manifest and reports validation issues without network access, persistence, or credential use.
Before installing, understand that using the skill means running its bundled local Python validator on Cargo.toml files you choose. It appears narrow and non-networked, but for sensitive projects you may still want to review the script because publisher provenance is limited.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.