Review Rust
Author: Kevin Anderson · v1.0.2 · MIT-0
Total downloads: 117
Favorites: 0
Current installs: 1
Versions: 3
Install in OpenClaw
/install review-rust
Description
Comprehensive Rust code review with optional parallel agents
Safe usage recommendations
This skill appears to be a coherent Rust code-review checklist, but take these precautions before installing or running it:
- Expect to need git, cargo (Rust toolchain), and clippy present on the host; the skill's metadata does not declare these binaries — ask the author to list required tools explicitly.
- Running cargo clippy / cargo check will invoke the Rust compiler and run build scripts / procedural macros; those can execute arbitrary code from the repository at compile time. Only run this skill in an isolated sandbox or CI environment you control.
- The SKILL.md contains at least one incorrect Rust recommendation (e.g., attributes like #[unsafe(no_mangle)] that are not valid Rust). Treat some guidance as potentially erroneous and verify findings manually.
- The skill loads other beagle-rust skills via the Skill tool — review and trust those downstream skills before allowing them to run.
If you plan to use this skill: run it in a disposable container/VM with the appropriate toolchain installed, ask the publisher to update metadata to declare required binaries and fix inaccurate Rust guidance, and limit network/file access for the review run to reduce risk.
Functional analysis
Type: OpenClaw Skill
Name: review-rust
Version: 1.0.2
The review-rust skill bundle is a legitimate tool designed to automate Rust code reviews. It utilizes standard development utilities such as git, grep, and cargo clippy to analyze source code, detect project dependencies (e.g., Tokio, Axum, SQLx), and enforce coding standards. The instructions in SKILL.md establish rigorous 'hard gates' and verification protocols to ensure review accuracy and prevent hallucinations. No indicators of malicious intent, such as data exfiltration, unauthorized network access, or obfuscated execution, were found.
Capability assessment
Purpose & Capability
The name/description (Rust code review) aligns with the instructions (git diff, cargo/clippy, grep for deps, load per-technology review skills). However the skill fails to declare essential runtime dependencies: the SKILL.md expects git, cargo, rust toolchain and grep/heads/clippy but the registry metadata lists no required binaries. That mismatch is an incoherence (the reviewer will fail or silently skip checks if those tools are missing).
Instruction Scope
Instructions are focused on repo-local review activities (git diff, reading Cargo.toml, running cargo clippy/check, grepping for dependencies, re-reading files at FILE:LINE). That's appropriate for the stated purpose. Two cautionary points: (1) SKILL.md instructs loading other skills (beagle-rust:*), which creates a chain-of-trust — those skills will run with whatever privileges the platform grants; (2) SKILL.md includes at least one incorrect/unknown Rust directive (e.g., references like #[unsafe(no_mangle)] which is not valid Rust attribute syntax), indicating sloppy or inaccurate guidance that could lead to incorrect findings.
Install Mechanism
This is instruction-only with no install spec or code to download or write to disk, which is the lowest install risk.
Credentials
The skill does not request environment variables, credentials, or config paths. It does require access to the repository filesystem and the ability to run toolchain commands (git, cargo, clippy) — those are proportional to a code-review task but were not declared in the metadata.
Persistence & Privilege
The skill does not request always:true or persistent system-level presence. It sets disable-model-invocation:true, reducing autonomous model invocation risk. The only privilege-like behavior is that it instructs the agent to load other skills (Skill tool), so the overall trust depends on those downstream skills too.
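How to use
- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: /install review-rust
- Once installation completes, call the Skill by name or use /review-rust to trigger it.
- Provide the inputs described in the Skill's parameter documentation to get structured output.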
Version history
v1.0.2
- Enforces new hard gates before reporting issues: explicit file scope, linter/compilation run, protocol loading, and evidence check for serious issues.
- Details mandatory step ordering for file detection and review protocol.
- Requires that compiler/clippy errors take precedence and not be duplicated as findings.
- Forbids fabricated findings; if no files or issues, mandates clear output (e.g., “Protocol applied; no issues”).
- Critical/Major findings must be re-checked in full-file context, not just diffs.
- Improves review reliability and reduces false or redundant results.
v1.0.1
**Rust 2024 edition and modern tooling support added.**
- Added detection and special handling for `edition = "2024"` in Cargo.toml; review process and severity rules now adapt to Rust 2024 semantics.
- Updated technology detection to include async-trait, once_cell/lazy_static, #[expect], macro definitions, and FFI patterns, with Informational flags for outdated patterns if the MSRV allows using newer std features.
- Expanded review and verification steps to cover new edition 2024 requirements (e.g., unsafe blocks in unsafe fn, extern syntax, lifetime capture in impl Trait).
- Improved skill-loading matrix with new skills for macros and FFI review.
- Clarified when to suppress or downgrade review findings that duplicate compiler or clippy errors—especially when edition 2024 lints are promoted to deny.
- Enhanced instructions and output format to ensure edition detection, modern Rust diagnostics, and completeness of a single-pass review.
v1.0.0
- Initial release of review-rust skill for comprehensive Rust code reviews.
- Supports sequential or parallel review mode with specialized subagents for different technology areas.
- Enforces pre-review checks (clippy, rust edition, MSRV) before flagging issues.
- Loads and utilizes appropriate skills based on technology detection (e.g., tokio, axum, sqlx, serde, test files).
- Mandates thorough, single-pass review with strict scoping and output formatting rules.
- Includes explicit guidelines for fix classification and post-fix verification.
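Frequently asked questions
What is Review Rust?
Comprehensive Rust code review with optional parallel agents. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 117 total downloads to date.
How do I install Review Rust?
Run the command "/install review-rust" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.
Is Review Rust free?
Yes. Review Rust is completely free and is released under the MIT-0 license, so it can be freely downloaded, installed, and used.
Which platforms does Review Rust support?
Review Rust runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Review Rust?
It is developed and maintained by Kevin Anderson (@anderskev); the current version is v1.0.2.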