← Back to Skills Marketplace
charlie-morrison

Cargo.toml Validator

by charlie-morrison · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
85
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install cargo-toml-validator
Description
Validate Rust Cargo.toml manifests for dependency issues, missing metadata, feature conflicts, workspace config, and crates.io publishing readiness. Use when...
README (SKILL.md)

Cargo.toml Validator

Validate Rust Cargo.toml manifest files for structural correctness, dependency hygiene, feature configuration, workspace setup, and crates.io publishing readiness. Uses Python 3.11+ tomllib for native TOML parsing — no external dependencies.

Commands

validate — Full validation with all rules

python3 scripts/cargo_toml_validator.py validate Cargo.toml
python3 scripts/cargo_toml_validator.py validate Cargo.toml --strict
python3 scripts/cargo_toml_validator.py validate Cargo.toml --format json

check — Quick check (errors and warnings only)

python3 scripts/cargo_toml_validator.py check Cargo.toml
python3 scripts/cargo_toml_validator.py check Cargo.toml --format summary

explain — Show all rules with descriptions

python3 scripts/cargo_toml_validator.py explain Cargo.toml
python3 scripts/cargo_toml_validator.py explain Cargo.toml --format json

suggest — Run validation and propose fixes

python3 scripts/cargo_toml_validator.py suggest Cargo.toml
python3 scripts/cargo_toml_validator.py suggest Cargo.toml --format json

Flags

Flag Description
--strict Treat warnings as errors — exit code 1 (CI-friendly)
--format text Human-readable output (default)
--format json Machine-readable JSON
--format summary Compact summary with counts

Validation Rules (24)

Structure (5)

Rule Severity Description
S1 error File not found or unreadable
S2 error Empty file
S3 error Invalid TOML syntax
S4 error/warning Missing [package] section (error for bins/libs, warning for virtual workspaces)
S5 error/warning Missing required fields: name, version (error), edition (warning)

Package Metadata (4)

Rule Severity Description
M1 warning Missing edition field (defaults to 2015)
M2 info Outdated edition (2015/2018 when 2021/2024 available)
M3 warning Missing license or license-file for crates.io
M4 warning Missing description for crates.io

Dependencies (6)

Rule Severity Description
D1 error Wildcard version *
D2 warning Unpinned dependency without version specifier
D3 warning Git dependency without rev/tag/branch pin
D4 info Path dependency (blocks crates.io publish)
D5 warning Duplicate dep in [dependencies] and [dev-dependencies] with different versions
D6 info Deprecated crate name (failure, error-chain, iron, rustc-serialize, old hyper/tokio/actix-web/rocket/time)

Features (3)

Rule Severity Description
F1 error Feature enables non-existent dependency
F2 warning Empty feature (no deps or sub-features)
F3 error Circular feature dependencies

Workspace (3)

Rule Severity Description
W1 warning [workspace] with no members
W2 info Both [package] and [workspace] without members (ambiguous)
W3 info [workspace.dependencies] detected — hint about workspace = true in members

Best Practices (3+)

Rule Severity Description
B1 info Missing documentation link for published crates
B2 info Build script without [build-dependencies]
B3 info Very large number of dependencies (>30)
B4 info Missing repository/homepage URL

Exit Codes

Code Meaning
0 No errors (warnings allowed unless --strict)
1 Errors found (or warnings in --strict mode)
2 File not found / parse error

Example Output

Cargo.toml validate — Cargo.toml
=================================
[ERROR  ] S5: Missing required field: package.version
         Set version directly or use version.workspace = true.
[WARNING] M1: Missing edition field — defaults to 2015
         Add edition = "2021" or edition = "2024" to [package].
[WARNING] D3: Git dependency 'my-fork' in [dependencies] is not pinned
         Pin to a rev, tag, or branch for reproducibility. URL: https://github.com/user/fork
[INFO   ] D4: Path dependency 'utils' in [dependencies] — blocks crates.io publish
         Path: ../utils. Fine for local dev, but won't work on crates.io.
[INFO   ] B4: Missing repository and homepage URL
         Add repository = "https://github.com/..." to [package] for crates.io visibility.

Result: INVALID
Summary: 1 error(s), 2 warning(s), 2 info
Usage Guidance
This skill appears coherent and locally scoped: it runs a bundled Python script to check a Cargo.toml and requires no external credentials or installers. Before running in a production environment, you may want to: (1) review the full scripts/cargo_toml_validator.py file to confirm there are no network calls, subprocess.exec calls, or unexpected file writes beyond the manifest being checked; (2) run it in a sandbox or on a sample project to confirm behavior; and (3) ensure your Python runtime is 3.11+ (tomllib is stdlib there). The included code looks consistent with the stated purpose, so installing is reasonable if you trust the skill author, but always inspect bundled code you will execute locally.
Capability Analysis
Type: OpenClaw Skill Name: cargo-toml-validator Version: 1.0.0 The cargo-toml-validator skill is a legitimate tool for auditing Rust manifest files. The Python script (cargo_toml_validator.py) uses the native tomllib library to parse files and implements standard validation logic for dependencies, metadata, and features without any network access, shell execution, or sensitive data retrieval.
Capability Assessment
Purpose & Capability
Name/description (Cargo.toml validation) align with the provided CLI instructions and the included Python script which parses and analyzes manifest content; nothing required or requested appears unrelated to the stated purpose.
Instruction Scope
SKILL.md directs the agent to run the included script against a specified Cargo.toml and to produce validation output; the instructions do not ask the agent to read unrelated system files, access credentials, or transmit data to external endpoints.
Install Mechanism
No install spec is present (instruction-only invocation with a bundled script). This avoids remote downloads or installs; the script runs locally using the system Python and tomllib (stdlib in Python 3.11+).
Credentials
The skill declares no required environment variables, credentials, or config paths. There is no indication in the SKILL.md or the visible portion of the script that it accesses unrelated secrets or environment data.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges. It does not modify other skills or agent-wide settings based on the provided materials.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install cargo-toml-validator
  3. After installation, invoke the skill by name or use /cargo-toml-validator
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: 25 rules for Rust Cargo.toml validation
Metadata
Slug cargo-toml-validator
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Cargo.toml Validator?

Validate Rust Cargo.toml manifests for dependency issues, missing metadata, feature conflicts, workspace config, and crates.io publishing readiness. Use when... It is an AI Agent Skill for Claude Code / OpenClaw, with 85 downloads so far.

How do I install Cargo.toml Validator?

Run "/install cargo-toml-validator" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Cargo.toml Validator free?

Yes, Cargo.toml Validator is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Cargo.toml Validator support?

Cargo.toml Validator is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Cargo.toml Validator?

It is built and maintained by charlie-morrison (@charlie-morrison); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments