What kind of security reports does it generate?

It provides structured findings including severity levels, CWE categories, file locations, impact descriptions, and clear remediation guidance.

Can it help with dependency vulnerabilities?

Yes, it guides the use of tools like cargo-audit to detect and report known security flaws within your project's dependency tree.

Is it effective for WebAssembly development?

Yes, it specifically targets WASM-related risks such as FFI boundary validation, integer overflow in memory allocation, and sandboxing constraints.

Does it follow industry security standards?

Absolutely. The skill is designed to align with OWASP guidelines and Rust-specific security best practices to ensure defense-in-depth.

How does this skill handle unsafe Rust code?

It identifies all 'unsafe' blocks and audits them for safety invariants, specifically checking for use-after-free, double-frees, and invalid pointer arithmetic.

Rust & WASM Security Audit

Name: Rust & WASM Security Audit
Author: terraphim

byterraphim

安全与测试

Audits Rust and WebAssembly applications for vulnerabilities, unsafe code usage, and adherence to security best practices.

关于

The security-audit skill transforms Claude into a specialized security engineer dedicated to hardening Rust and WebAssembly ecosystems. It provides a systematic framework for identifying common vulnerability patterns, auditing 'unsafe' blocks for memory safety violations, and validating input handling logic against OWASP guidelines. By emphasizing defense-in-depth and least privilege, the skill helps developers secure FFI boundaries, prevent integer overflows, and ensure cryptographic implementations utilize audited libraries, ultimately producing production-ready code with clear remediation guidance for every finding.

主要功能

Verification of FFI boundaries and secure pointer arithmetic
Cryptographic usage review for industry-standard library compliance
0 GitHub stars
Comprehensive audit of 'unsafe' blocks and memory safety invariants
Automated identification of injection, path traversal, and DoS vectors
Standardized security reporting with severity levels and remediation steps

使用场景

Conducting pre-release security reviews for high-stakes Rust backend services
Hardening WebAssembly modules against sandbox escapes and input manipulation
Auditing legacy codebases for memory safety vulnerabilities and logic flaws

关于

主要功能

Verification of FFI boundaries and secure pointer arithmetic
Cryptographic usage review for industry-standard library compliance
0 GitHub stars
Comprehensive audit of 'unsafe' blocks and memory safety invariants
Automated identification of injection, path traversal, and DoS vectors
Standardized security reporting with severity levels and remediation steps

使用场景

Conducting pre-release security reviews for high-stakes Rust backend services
Hardening WebAssembly modules against sandbox escapes and input manipulation
Auditing legacy codebases for memory safety vulnerabilities and logic flaws