← Back to Skills Marketplace
dandandujie

rust-rebuilder

by dandandujie · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
381
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install rust-rebuilder
Description
Plan and execute incremental project rewrites to Rust with architecture mapping, parity verification, idiomatic Rust guidance, dependency preflight checks, a...
Usage Guidance
This skill appears to do what it claims: plan and perform incremental Rust rewrites and generate upstream sync reports. Before installing or running it, consider the following: - It will read files under your home directory (~/.codex/skills and ~/.codex/config.toml) to detect other installed skills/MCPs — review those files if they contain sensitive data. - The skill expects a platform installer helper ($skill-installer) to install missing skills; confirm what that installer does and which repository it pulls from before allowing automatic installs. - The upstream report script runs git commands (fetch, rev-list, log) and will attempt to contact remotes named upstream/origin; ensure you are comfortable with the skill performing network fetches against your remotes and that your git remotes are correctly set. - The dependency check prints installation guidance that points to GitHub repositories (two grok-search links and a github-helper repo). Review those upstream repos before following automated install instructions. - Minor inconsistency: SKILL.md suggests the github-helper may be in the user's GitHub, while scripts/check_dependencies.py includes a specific github.com/dandandujie/github-helper URL — verify which source you want to trust. If you want additional assurance, run the two included Python scripts manually in a safe repository to observe their behavior, and verify your platform's $skill-installer semantics before allowing the skill to install other skills automatically.
Capability Analysis
Type: OpenClaw Skill Name: rust-rebuilder Version: 1.0.0 The skill is classified as suspicious due to the `scripts/upstream_sync_report.py` script and instructions in `references/github-upstream-sync.md` that involve executing external commands (`git` and `gh` CLI) with user-controlled inputs. Specifically, `scripts/upstream_sync_report.py` uses `subprocess.run` to execute `git` commands on a user-specified repository path (`--repo`) and branch name (`--branch`). While `subprocess.run` uses a list of arguments (mitigating classic shell injection), the capability to run `git` commands on an arbitrary local path and `gh` commands (as instructed in `references/github-upstream-sync.md`) introduces a significant attack surface and vulnerability risk if the AI agent were to be prompted maliciously to operate on unintended repositories or with crafted inputs.
Capability Assessment
Purpose & Capability
The skill's name/description (Rust rewrites, parity verification, upstream sync) match its included scripts and reference docs. Asking for grok-search and github-helper skills is coherent for obtaining Rust ecosystem info and GitHub repo operations. The files and steps present (check_dependencies.py, upstream_sync_report.py, references/*.md) support the declared purpose.
Instruction Scope
Runtime instructions are focused on migration workflows and explicitly require running the included Python scripts and reading shipped reference documentation. They also instruct the agent to install or call other skills (grok-search, github-helper) and to run git operations to fetch remotes and generate reports; this is consistent with upstream synchronization but does grant the skill ability to read ~/.codex/skills and ~/.codex/config.toml and to run git fetch/log commands. The SKILL.md references a platform variable ($skill-installer) and prompt template variables ($rust-rebuilder) that are not declared in the skill metadata — this is an operational assumption rather than a security flaw, but you should confirm the platform supplies or restricts those.
Install Mechanism
No install spec is provided (instruction-only with two helper scripts bundled). The included scripts are small, readable, and do not download or execute remote code. There are no extract/download install steps in the skill itself.
Credentials
The skill declares no required environment variables or credentials, which matches the code. However it reads user-local paths (~/.codex/skills and ~/.codex/config.toml) to detect installed skills/MCPs and expects to call out to a $skill-installer mechanism to add skills — the latter is not declared and is an assumed platform helper. Reading the user's ~/.codex config is proportionate to checking for other skills, but you should be aware it will access files in your home directory.
Persistence & Privilege
always is false and the skill does not request persistent/system-wide changes. It does instruct use of other skills and running git fetch/log commands, but it does not modify other skills' configurations or write to system-wide settings. Agent autonomous invocation is allowed by platform default and not by itself concerning here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install rust-rebuilder
  3. After installation, invoke the skill by name or use /rust-rebuilder
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of rust-rebuilder: a skill for methodical project rewrites to Rust with automated dependency checks, architecture mapping, parity verification, and upstream GitHub synchronization. - Supports incremental, verifiable, and reversible rewrites with detailed migration workflow. - Enforces mandatory dependency preflight checks for grok-search and github-helper, pausing execution if missing. - Provides explicit output contracts covering migration scope, equivalence strategy, Rust design decisions, risk register, and upstream sync notes. - Includes strict backend Rust guardrails and integrates external guideline/reference documents. - Enables continuous synchronization with GitHub source repositories. - Supplies quick-start prompt patterns and resource mapping for smooth adoption.
Metadata
Slug rust-rebuilder
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is rust-rebuilder?

Plan and execute incremental project rewrites to Rust with architecture mapping, parity verification, idiomatic Rust guidance, dependency preflight checks, a... It is an AI Agent Skill for Claude Code / OpenClaw, with 381 downloads so far.

How do I install rust-rebuilder?

Run "/install rust-rebuilder" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is rust-rebuilder free?

Yes, rust-rebuilder is completely free (open-source). You can download, install and use it at no cost.

Which platforms does rust-rebuilder support?

rust-rebuilder is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created rust-rebuilder?

It is built and maintained by dandandujie (@dandandujie); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments