Can it scan my Rust dependencies for vulnerabilities?

Yes, the skill includes a dependency review module that scans Cargo.toml files for security risks, version conflicts, and necessary updates.

Does it provide a summary of the audit findings?

Yes, the skill generates a structured output format including a summary, analysis of specific domains, and a clear recommendation to approve or block code changes.

Is this skill suitable for auditing Unsafe Rust code?

Absolutely. It focuses on documenting invariants and checking FFI contracts to ensure that 'unsafe' blocks do not compromise the overall safety of the application.

Does this skill check for memory safety in Rust?

Yes, it specifically analyzes ownership, borrowing, and lifetimes to identify potential memory safety violations and ensures that all unsafe blocks are properly documented.

How does it help with async and concurrency?

It reviews async patterns and synchronization primitives to detect race conditions, deadlocks, and non-blocking correctness in concurrent Rust code.

Rust Code Review & Safety Audit

Name: Rust Code Review & Safety Audit
Author: athola

byathola

•

Seguridad y Pruebas

Conducts expert-level Rust code audits focusing on memory safety, concurrency patterns, and idiomatic practices.

The Rust Review skill empowers Claude to perform deep technical audits of Rust applications, specifically targeting high-risk areas like ownership models, lifetime management, and unsafe code blocks. It automates the verification of safety invariants, evaluates async/concurrency patterns for potential race conditions, and scans Cargo dependencies for known vulnerabilities. Designed for senior developers and security researchers, it ensures that Rust projects adhere to strict idiomatic standards while maintaining high performance and memory safety throughout the development lifecycle.

Características Principales

01Specialized auditing of unsafe blocks with documentation of safety invariants.

0210 GitHub stars

03Security scanning for Cargo dependencies and supply chain vulnerabilities.

04Concurrency pattern evaluation for async/sync correctness and performance.

05Deep ownership and lifetime analysis to identify complex borrowing issues.

06Automated evidence logging to track audit findings and required action items.

Casos de Uso

01Reviewing complex pull requests in performance-critical Rust systems.

02Validating new library dependencies and async implementations before production deployment.

03Auditing legacy Rust codebases for memory safety and FFI contract compliance.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add athola/claude-night-market rust-review

For use in Claude.ai and ChatGPT

Download Skill