ClawHub

Serde Code Review

v1.0.1

Reviews serde serialization code for derive patterns, enum representations, custom implementations, and common serialization bugs. Use when reviewing Rust co...

0· 114·2 current·2 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and included reference docs focus on serde derive patterns, enum representations, custom serializers, and edition-2024 pitfalls — all consistent with a code-review helper. The skill requests no binaries, env vars, or installs that would be unrelated to this purpose.
Instruction Scope
The SKILL.md instructs the agent to inspect Cargo.toml and source files and to report issues in a file:line format — appropriate for a code reviewer. One opaque instruction asks to "Load and follow beagle-rust:review-verification-protocol before reporting any issue"; this is ambiguous (no URL or local path provided). Verify what that protocol is and where it would be loaded from before trusting it.
Install Mechanism
No install spec and no code files with executable content — instruction-only skills have minimal disk/write risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The instructions reference only project files (Cargo.toml and source) relevant to a serde review.
Persistence & Privilege
Skill is not always-enabled and does not request permanent presence or modifications to other skills or system configs. Autonomous invocation is allowed by default (platform behaviour) but is not excessive for a review helper.
Assessment
This appears to be a straightforward, coherent serde/Rust review checklist. Before installing: (1) confirm what "beagle-rust:review-verification-protocol" refers to and where it would be loaded from; (2) ensure the agent will only be allowed to read the repository files you intend it to (Cargo.toml and source) and not other sensitive files; (3) because the skill can be invoked autonomously by default, consider limiting autonomous access or testing on non-sensitive repos first. If you need additional assurance, request the skill author or registry entry provide the verification-protocol source or clarify the protocol loading step.

Like a lobster shell, security has layers — review code before you run it.

latestvk9797rxhc4y7mcvvz4csd53wdd84q4km

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments