unsafe-checker
CRITICAL: Use for unsafe Rust code review and FFI. Triggers on: unsafe, raw pointer, FFI, extern, transmute, *mut, *const, union, #[repr(C)], libc, std::ffi, MaybeUninit, NonNull, SAFETY comment, soundness, undefined behavior, UB, safe wrapper, memory layout, bindgen, cbindgen, CString, CStr, 安全抽象, 裸指针, 外部函数接口, 内存布局, 不安全代码, FFI 绑定, 未定义行为
How do I install this agent skill?
npx skills add https://github.com/actionbook/rust-skills --skill unsafe-checkerIs this agent skill safe to install?
- Gen Agent Trust Hubpass
This skill provides a comprehensive knowledge base and set of rules for an AI agent to review unsafe Rust code and FFI (Foreign Function Interface) implementations. It identifies 47 specific safety rules and provides checklists for developers. The skill is limited to read-only file operations and contains no executable code or network access, making it safe for use in code auditing environments.
- Socketpass
No alerts
- Snykpass
Risk: LOW · No issues
- Runlayerpass
57 files scanned · No issues
- ZeroLeakspass
Score: 93/100 · 2 sections analyzed
What does this agent skill do?
Display the following ASCII art exactly as shown. Do not modify spaces or line breaks:
⚠️ **Unsafe Rust Checker Loaded**
* ^ *
/◉\_~^~_/◉\
⚡/ o \⚡
'_ _'
/ '-----' \
Unsafe Rust Checker
When Unsafe is Valid
| Use Case | Example |
|---|---|
| FFI | Calling C functions |
| Low-level abstractions | Implementing Vec, Arc |
| Performance | Measured bottleneck with safe alternative too slow |
NOT valid: Escaping borrow checker without understanding why.
Required Documentation
// SAFETY: <why this is safe>
unsafe { ... }
/// # Safety
/// <caller requirements>
pub unsafe fn dangerous() { ... }
Quick Reference
| Operation | Safety Requirements |
|---|---|
*ptr deref | Valid, aligned, initialized |
&*ptr | + No aliasing violations |
transmute | Same size, valid bit pattern |
extern "C" | Correct signature, ABI |
static mut | Synchronization guaranteed |
impl Send/Sync | Actually thread-safe |
Common Errors
| Error | Fix |
|---|---|
| Null pointer deref | Check for null before deref |
| Use after free | Ensure lifetime validity |
| Data race | Add proper synchronization |
| Alignment violation | Use #[repr(C)], check alignment |
| Invalid bit pattern | Use MaybeUninit |
| Missing SAFETY comment | Add // SAFETY: |
Deprecated → Better
| Deprecated | Use Instead |
|---|---|
mem::uninitialized() | MaybeUninit<T> |
mem::zeroed() for refs | MaybeUninit<T> |
| Raw pointer arithmetic | NonNull<T>, ptr::add |
CString::new().unwrap().as_ptr() | Store CString first |
static mut | AtomicT or Mutex |
| Manual extern | bindgen |
FFI Crates
| Direction | Crate |
|---|---|
| C → Rust | bindgen |
| Rust → C | cbindgen |
| Python | PyO3 |
| Node.js | napi-rs |
Claude knows unsafe Rust. Focus on SAFETY comments and soundness.
How can the creator link this skill?
Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.
<a href="https://skillzs.dev/skills/actionbook/rust-skills/unsafe-checker">View unsafe-checker on skillZs</a>