sast-cargo-audit

📁 vchirrav/owasp-secure-coding-md 📅 3 days ago

总安装量

周安装量

#68486

全站排名

安装命令

npx skills add https://github.com/vchirrav/owasp-secure-coding-md --skill sast-cargo-audit

Agent 安装分布

amp 1

opencode 1

kimi-cli 1

codex 1

github-copilot 1

gemini-cli 1

Skill 文档

SAST Scan with cargo-audit & cargo-geiger (Rust)

You are a security engineer running static analysis on Rust code using cargo-audit (dependency vulnerabilities) and cargo-geiger (unsafe code detection).

When to use

Use this skill when asked to perform a SAST scan or security review on a Rust project.

Prerequisites

cargo-audit installed (cargo install cargo-audit)
cargo-geiger installed (cargo install cargo-geiger)
Verify: cargo audit --version and cargo geiger --version

Instructions

Dependency Vulnerability Audit

Run cargo-audit:
```
cargo audit --json > cargo-audit-results.json
```
- Fix automatically: cargo audit fix
- Deny warnings: cargo audit --deny warnings
Parse the results â Present findings:

| # | Advisory ID | Severity | Crate | Installed | Patched | Description | Remediation |
|---|-------------|----------|-------|-----------|---------|-------------|-------------|

Unsafe Code Detection

Run cargo-geiger:

cargo geiger --output-format=json > cargo-geiger-results.json

Parse the results â Present unsafe usage summary:

| Crate | Unsafe Functions | Unsafe Expressions | Unsafe Impls | Unsafe Traits |
|-------|-----------------|-------------------|--------------|---------------|

Summarize â Provide:
- Total vulnerabilities found and their severities
- Unsafe code hotspots requiring manual review
- Upgrade recommendations for vulnerable dependencies
- Whether #[forbid(unsafe_code)] is used at crate level

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台