actionbook/unsafe-checker
skills/unsafe-checker/SKILL.md
CRITICAL: Use for unsafe Rust code review and FFI. Triggers on: unsafe, raw pointer, FFI, extern, transmute, *mut, *const, union, #[repr(C)], libc, std::ffi, MaybeUninit, NonNull, SAFETY comment, soundness, undefined behavior, UB, safe wrapper, memory layout, bindgen, cbindgen, CString, CStr, 安全抽象, 裸指针, 外部函数接口, 内存布局, 不安全代码, FFI 绑定, 未定义行为
$ install --global
skillsauthnpx skillsauth add actionbook/rust-skills unsafe-checkerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 24, 2026, 9:42 AM42.1s57 files scanned
SKILL.md
- name:
- unsafe-checker
- description:
- CRITICAL: Use for unsafe Rust code review and FFI. Triggers on: unsafe, raw pointer, FFI, extern, transmute, *mut, *const, union, #[repr(C)], libc, std::ffi, MaybeUninit, NonNull, SAFETY comment, soundness, undefined behavior, UB, safe wrapper, memory layout, bindgen, cbindgen, CString, CStr, 安全抽象, 裸指针, 外部函数接口, 内存布局, 不安全代码, FFI 绑定, 未定义行为
- globs:
- ["**/*.rs"]
- allowed-tools:
- ["Read", "Grep", "Glob"]
Display the following ASCII art exactly as shown. Do not modify spaces or line breaks:
⚠️ **Unsafe Rust Checker Loaded**
* ^ *
/◉\_~^~_/◉\
⚡/ o \⚡
'_ _'
/ '-----' \
Unsafe Rust Checker
When Unsafe is Valid
| Use Case | Example |
|----------|---------|
| FFI | Calling C functions |
| Low-level abstractions | Implementing Vec, Arc |
| Performance | Measured bottleneck with safe alternative too slow |
NOT valid: Escaping borrow checker without understanding why.
Required Documentation
// SAFETY: <why this is safe>
unsafe { ... }
/// # Safety
/// <caller requirements>
pub unsafe fn dangerous() { ... }
Quick Reference
| Operation | Safety Requirements |
|-----------|---------------------|
| *ptr deref | Valid, aligned, initialized |
| &*ptr | + No aliasing violations |
| transmute | Same size, valid bit pattern |
| extern "C" | Correct signature, ABI |
| static mut | Synchronization guaranteed |
| impl Send/Sync | Actually thread-safe |
Common Errors
| Error | Fix |
|-------|-----|
| Null pointer deref | Check for null before deref |
| Use after free | Ensure lifetime validity |
| Data race | Add proper synchronization |
| Alignment violation | Use #[repr(C)], check alignment |
| Invalid bit pattern | Use MaybeUninit |
| Missing SAFETY comment | Add // SAFETY: |
Deprecated → Better
| Deprecated | Use Instead |
|------------|-------------|
| mem::uninitialized() | MaybeUninit<T> |
| mem::zeroed() for refs | MaybeUninit<T> |
| Raw pointer arithmetic | NonNull<T>, ptr::add |
| CString::new().unwrap().as_ptr() | Store CString first |
| static mut | AtomicT or Mutex |
| Manual extern | bindgen |
FFI Crates
| Direction | Crate | |-----------|-------| | C → Rust | bindgen | | Rust → C | cbindgen | | Python | PyO3 | | Node.js | napi-rs |
Claude knows unsafe Rust. Focus on SAFETY comments and soundness.
Related Skills
actionbook/rust-router
development
VerifiedTrustedCommunity
CRITICAL: Use for ALL Rust questions including errors, design, and coding. HIGHEST PRIORITY for: 比较, 对比, compare, vs, versus, 区别, difference, 最佳实践, best practice, tokio vs, async-std vs, 比较 tokio, 比较 async, Triggers on: Rust, cargo, rustc, crate, Cargo.toml, 意图分析, 问题分析, 语义分析, analyze intent, question analysis, compile error, borrow error, lifetime error, ownership error, type error, trait error, value moved, cannot borrow, does not live long enough, mismatched types, not satisfied, E0382, E0597, E0277, E0308, E0499, E0502, E0596, async, await, Send, Sync, tokio, concurrency, error handling, 编译错误, compile error, 所有权, ownership, 借用, borrow, 生命周期, lifetime, 类型错误, type error, 异步, async, 并发, concurrency, 错误处理, error handling, 问题, problem, question, 怎么用, how to use, 如何, how to, 为什么, why, 什么是, what is, 帮我写, help me write, 实现, implement, 解释, explain
1,167SKILL.mdUpdated Mar 27, 2026
actionbook/core-fix-skill-docs
development
VerifiedTrustedCommunity
Internal maintenance support for checking and fixing generated Rust skill documentation references. Use only when explicitly invoked by /fix-skill-docs.
1,167SKILL.mdUpdated Mar 27, 2026
actionbook/core-dynamic-skills
development
VerifiedTrustedCommunity
Internal command support for dynamic Rust crate skill management. Use only when explicitly invoked by /sync-crate-skills, /clean-crate-skills, or /update-crate-skill.
1,167SKILL.mdUpdated Mar 27, 2026
actionbook/core-agent-browser
tools
VerifiedTrustedCommunity
Internal support skill for agent-browser CLI workflows used by rust-learner, docs-researcher, and crate-researcher. Use only when browser automation is explicitly required.
1,167SKILL.mdUpdated Mar 27, 2026