rust-lifecycle
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to manage branches and validate the project environment. Evidence: SKILL.md and references/workflow-steps.md use git for branch management and gh for pull request operations.
- [REMOTE_CODE_EXECUTION]: The skill invokes specialized sub-agents to perform implementation and review tasks. Evidence: references/workflow-steps.md demonstrates the use of the Task() tool to launch agents within the rust-agents namespace.
- [DATA_EXFILTRATION]: The skill transmits project code and metadata to remote repositories as part of its core functionality. Evidence: references/workflow-steps.md uses git push and gh pr create to update GitHub repositories with phase completion artifacts.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection through its agent-to-agent handoff protocol.
  - (1) Ingestion points: Data from sub-agents enters the workflow via YAML files in the .local/handoff/ directory.
  - (2) Boundary markers: Absent; handoff file paths are interpolated into sub-agent prompts without explicit delimiters or instructions to ignore untrusted content.
  - (3) Capability inventory: The orchestrator possesses the ability to execute git/gh commands and launch further agents with the Task() tool.
  - (4) Sanitization: Absent; while the orchestrator filters specific fields for logic control, the complete handoff file is accessible to the next agent in the chain without sanitization.