rust-review

// Use this skill for Rust-specific code audits. Use when reviewing Rust code, auditing unsafe blocks, analyzing ownership patterns, scanning Cargo dependencies for security. Do not use when general code review without Rust - use unified-review. DO NOT use when: performance profiling - use parseltongue

$ git log --oneline --stat

stars:201

forks:38

updated:March 4, 2026

SKILL.mdreadonly

SKILL.md Frontmatter

namerust-review

descriptionRust audit for unsafe blocks, ownership, and Cargo deps.

globs**/*.rs

alwaysApplyfalse

categorycode-review

tagsrust,ownership,concurrency,unsafe,traits,cargo

tools

usage_patternsrust-audit,unsafe-review,dependency-audit,concurrency-analysis

complexityadvanced

model_hintdeep

estimated_tokens400

progressive_loadingtrue

dependenciespensive:shared,imbue:proof-of-work

modulesownership-analysis.md,error-handling.md,concurrency-patterns.md,unsafe-audit.md,cargo-dependencies.md,silent-returns.md,collection-types.md,sql-injection.md,cfg-test-misuse.md,error-messages.md,duplicate-validators.md,builtin-preference.md,model-specific-tells.md,iterator-and-allocation-slop.md,test-slop.md,async-slop.md

Quick Start
When to Use
Required TodoWrite Items
Progressive Loading
Core Workflow
Rust Quality Checklist
Safety
Correctness
Performance
Idioms
Output Format
Summary
Ownership Analysis
Error Handling
Concurrency
Unsafe Audit
[U1] file:line
Dependencies
Recommendation
Exit Criteria

Rust Review Workflow

Expert-level Rust code audits with focus on safety, correctness, and idiomatic patterns.

Quick Start

/rust-review

Verification: Run the command with --help flag to verify availability.

When To Use

Reviewing Rust code changes
Auditing unsafe blocks
Analyzing concurrency patterns
Dependency security review
Performance optimization review

When NOT To Use

General code review without Rust - use unified-review
Performance profiling - use parseltongue:python-performance pattern

Required TodoWrite Items

rust-review:ownership-analysis
rust-review:error-handling
rust-review:concurrency
rust-review:unsafe-audit
rust-review:cargo-deps
rust-review:evidence-log

Progressive Loading

Load modules as needed based on review scope:

Quick Review (ownership + errors):

See modules/ownership-analysis.md for borrowing and lifetime analysis
See modules/error-handling.md for Result/Option patterns

Concurrency Focus:

See modules/concurrency-patterns.md for async and sync primitives

Safety Audit:

See modules/unsafe-audit.md for unsafe block documentation

Dependency Review:

See modules/cargo-dependencies.md for vulnerability scanning

Idiomatic Patterns:

See modules/builtin-preference.md for conversion traits and builtin preference

Core Workflow

Ownership Analysis: Check borrowing, lifetimes, clone patterns
Error Handling: Verify Result/Option usage, propagation
Concurrency: Review async patterns, sync primitives
Unsafe Audit: Document invariants, FFI contracts
Dependencies: Scan for vulnerabilities, updates
Evidence Log: Record commands and findings

Rust Quality Checklist

Safety

All unsafe blocks documented with SAFETY comments
FFI boundaries properly wrapped
Memory safety invariants maintained

Correctness

Error handling complete
Concurrency patterns sound
Tests cover critical paths

Performance

No unnecessary allocations
Borrowing preferred over cloning
Async properly non-blocking

Idioms

Standard traits implemented
Conversion traits preferred over helper functions
Error types well-designed
Documentation complete

Output Format

## Summary
Rust audit findings

## Ownership Analysis
[borrowing and lifetime issues]

## Error Handling
[error patterns and issues]

## Concurrency
[async and sync patterns]

## Unsafe Audit
### [U1] file:line
- Invariants: [documented]
- Risk: [assessment]
- Recommendation: [action]

## Dependencies
[cargo audit results]

## Recommendation
Approve / Approve with actions / Block