v1.0.0

Rust Unsafe Auditor

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 12:46 PM.

Analysis

This instruction-only skill appears benign: it gives read-only Rust unsafe-code audit guidance with no install code, credentials, persistence, network use, or destructive actions.

GuidanceThis skill is reasonable to install for Rust code review. Use it in the correct project directory, and review any source snippets or audit output before sharing them outside your workspace.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityInfoConfidenceHighStatusNote

SKILL.md

find . -name "*.rs" -not -path '*/target/*' | wc -l

The skill instructs the agent to run local recursive file-discovery and grep-style commands. This matters because it may read project source files, but it is read-only and directly aligned with auditing Rust unsafe code.

User impactIf run from the wrong directory, the agent may inspect Rust source files outside the intended project and include results in its response.

RecommendationRun the skill from the intended Rust repository and avoid sharing command output that contains private source code unless you intend to.