rust-intel-cc 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,112 @@
1
+ ---
2
+ description: Scan Rust code against the categories from rust-intel and return a triaged report with concrete fixes.
3
+ argument-hint: "[path]"
4
+ ---
5
+
6
+ # /rust-cc-audit
7
+
8
+ Audits Rust code against the full taxonomy in the `rust-intel` skill. Removes the developer's need to know every category — finds what a senior reviewer with that document in their head would catch.
9
+
10
+ ## Arguments
11
+
12
+ - `$ARGUMENTS` — path to a file, directory, or crate. Defaults to the current working directory.
13
+
14
+ ## Process
15
+
16
+ 1. **Load the `rust-intel` skill.** This is the only source of rules. If the skill is unavailable, emit `⚠️ BLOCKED: skill rust-intel is not registered` and stop.
17
+
18
+ 2. **Pin the world.** Read `Cargo.toml` (and `CLAUDE.md`, if present). Record the exact versions of `tokio`, `axum`, `sqlx`, `reqwest`, `serde`, `hyper`, `clap`, and any other key dependency. Without this, §A1 (API hallucinations) cannot be checked — block instead of guessing.
19
+
20
+ 3. **Determine scope.**
21
+ - If `$ARGUMENTS` is empty: walk `src/**/*.rs` relative to cwd.
22
+ - If a file: just that file.
23
+ - If a directory: every `*.rs` recursively, excluding `target/`.
24
+ - Skip generated code (`OUT_DIR`, `build.rs` output).
25
+
26
+ **Fan-out preferred for broad scope.** For a whole-crate or directory scope, prefer the fan-out workflow from the skill's "Running a full pass" section — the shipped `audit-project.workflow.js` (one agent per module, async split into two). The serial walk below is the fallback for a single file or when the Workflow tool is unavailable.
27
+
28
+ 4. **Walk every category in the skill.** Iterate from §A1 through the final Tier F category (§F4) as enumerated in the `rust-intel` skill. For each, apply that category's BANNED/REQUIRED rules verbatim from the skill — do not re-state them here. The skill is the single source of rule wording; this command is the workflow harness. Note that Tier E is a different axis — systemic cost (performance), not correctness — and is entirely 🟡/🟢, never 🔴. Tier F is reviewed with a different stance (see the skill's "Tier F — how to review for meaning"): first obtain the named spec/reference and the project's own guarantee-bearing docs (README, SECURITY.md, design docs), extract the mandated behaviors/guarantees into a checklist, then check the code against that list — enumerate, don't sample. If a claimed reference is unavailable, report "conformance to <X> not verified — reference not available" as a finding.
29
+
30
+ 5. **For every finding, produce:**
31
+ - **Category:** `§XN — name`
32
+ - **File:line:column** (or line range for multiline patterns)
33
+ - **Citation** of the relevant fragment (3–10 lines of context)
34
+ - **Why it's dangerous** — one sentence referencing the spec's wording
35
+ - **Concrete fix** — a patch or code that applies to this file (not generic advice like "use a bounded channel")
36
+ - **Severity:** `critical` (silent data loss / UB / leak / deadlock), `high` (probable production bug), `medium` (antipattern with no immediate risk), `info` (style).
37
+
38
+ 6. **Report grouping:**
39
+ - By severity (critical → info).
40
+ - Inside a severity, by tier (A → B → C → D → E → F).
41
+ - End with a Post-flight summary in the spec's canonical form: surface **only** the 🔴-tier occurrences — see the `rust-intel` skill's *Enforcement tiers* for the canonical list (it is the single source; do not duplicate it here). Do not enumerate 🟢-tier items (`unwrap`/`expect`, `clone_on_copy`, narrowing `as` casts, etc.) — those are left to clippy. Non-🔴 antipatterns surfaced as individual findings above stay there; they are not re-aggregated into the summary. Tier E (systemic cost / perf) is entirely 🟡/🟢, so it never surfaces in the Post-flight summary either — perf findings appear as ordinary findings above, like any other non-🔴 antipattern.
42
+
43
+ ## Report format
44
+
45
+ ```
46
+ # rust-cc-audit report
47
+
48
+ **Scope:** <path>
49
+ **Pinned versions:** tokio=X.Y, sqlx=A.B, ...
50
+ **Found:** N critical, M high, K medium, L info
51
+
52
+ ---
53
+
54
+ ## CRITICAL
55
+
56
+ ### [§B2] src/handler.rs:47–52 — Mutex held across .await
57
+ ```rust
58
+ let guard = state.lock().unwrap();
59
+ let value = guard.get(&key).cloned();
60
+ some_async_op(value).await // ← guard still alive
61
+ ```
62
+ **Why dangerous:** `std::sync::Mutex` blocks the tokio worker across `.await` — deadlocks under load.
63
+ **Fix:**
64
+ ```rust
65
+ let value = {
66
+ let guard = state.lock().unwrap();
67
+ guard.get(&key).cloned()
68
+ }; // guard dropped before .await
69
+ some_async_op(value).await
70
+ ```
71
+
72
+ ### [§B8] src/notifier.rs:88 — Forgotten .await
73
+ ...
74
+
75
+ ---
76
+
77
+ ## HIGH
78
+ ...
79
+
80
+ ---
81
+
82
+ ## Post-flight summary
83
+
84
+ Surface **only** the 🔴-tier occurrences — see the `rust-intel` skill's *Enforcement tiers* for the canonical list (it is the single source). 🟢-tier items (`unwrap`/`expect`, `clone_on_copy`, narrowing `as` casts) are left to clippy and are not listed here. The lines below are an illustrative shape, not the authoritative inventory.
85
+
86
+ - `unsafe` / `transmute` / `mem::uninitialized`/`zeroed` (§B5): none
87
+ - Crypto calls — library / primitive / params (§B12): none
88
+ - New `Cargo.toml` dependencies — name + version + justification (§A1): none
89
+ - Manual `unsafe impl Send`/`Sync` (§B18): none
90
+ - `unbounded_channel` / unbounded `FuturesUnordered` (§B14): 1 (src/events.rs:14 — unjustified)
91
+ - atomic `Relaxed`-publish to another thread (§B13): none
92
+ - `tokio::spawn` whose `JoinHandle` is dropped (§B21): none
93
+ - `impl Drop` doing async work (§B22): none
94
+ - `==`/`!=` on secret material (§B24): none
95
+ - `extern "C"` / `Box::from_raw` / `from_raw_parts` (§B25): none
96
+ - `Pin::new_unchecked` (§B15b): none
97
+ - Blanket impl in a public API (§C1): none
98
+ - Spec / documented-guarantee divergence on a wire format, security guarantee, or persisted data (§F1/§F2): none
99
+ - Leaked / unclosed boundary resource an untrusted peer can hold open (§F3): none
100
+ ```
101
+
102
+ ## Behavioral principles
103
+
104
+ - **Don't invent findings.** If a category isn't activated, don't mention it. A short report beats a synthetic one.
105
+ - **Don't "fix" in the repo.** Report only. Applying fixes is a separate step the user authorizes.
106
+ - **Block on uncertainty.** If a crate version is unknown and §A1 needs it, emit a blocking message — don't guess.
107
+ - **Don't restate the spec.** Reference the paragraph (`§B2`) instead of paraphrasing its text.
108
+
109
+ ## Limits
110
+
111
+ - This is static analysis via reading. It doesn't replace `cargo clippy`, `miri`, `tokio-console`, `loom` — the spec's Post-flight checklist still recommends them explicitly.
112
+ - Categories that need runtime observation (steady-state memory growth for §B10) can only be flagged as "candidate" — not confirmed without profiling.
@@ -0,0 +1,137 @@
1
+ ---
2
+ description: Maps an error (rustc / clippy / panic / runtime anomaly) onto a rust-intel category and proposes a root-cause fix.
3
+ argument-hint: "<error message or behavior description>"
4
+ ---
5
+
6
+ # /rust-cc-fix
7
+
8
+ Removes the developer's need to navigate rustc docs and StackOverflow. Takes a symptom — returns the cause, the fix, **and** a preventive rule so it doesn't recur.
9
+
10
+ ## Arguments
11
+
12
+ - `$ARGUMENTS` — a `rustc` message, `cargo clippy` output, panic backtrace, or runtime-behavior description in natural language. May be multiline.
13
+
14
+ ## Process
15
+
16
+ 1. **Load the `rust-intel` skill.** If unavailable, emit `⚠️ BLOCKED: skill rust-intel is not registered` and stop.
17
+
18
+ 2. **Classify the input:**
19
+ - Compiler error (has `error[EXXXX]` or `error:` marker).
20
+ - Clippy warning (has `warning: ... #[warn(clippy::...)]`).
21
+ - Panic / runtime stack trace (has `thread 'main' panicked` or a backtrace).
22
+ - Natural-language anomaly (deadlock, OOM, slow, intermittent flake).
23
+
24
+ 3. **Request context when needed:**
25
+ - For a compiler error — need the relevant source lines (or the file path). If neither is provided, ask. **Don't guess.**
26
+ - For runtime symptoms — need `Cargo.toml` for versions and a repro scenario, if the category depends on either (§A1, §B4).
27
+ - If context is insufficient, emit a blocking message in the spec's canonical form.
28
+
29
+ 4. **Map to a category.** Use the routing table below — it is **only a router** (symptom → category number). The actual rule wording, BANNED/REQUIRED bullets, and remediation guidance live in the skill, never duplicated here. Whenever a new category lands in the `rust-intel` skill, extend this routing table accordingly. Table is non-exhaustive — when no row matches, read the spec's taxonomy directly.
30
+
31
+ | Symptom | Category |
32
+ |---|---|
33
+ | E0433, E0432, E0425, E0412, E0405 | §A1 (project organization, API hallucination) |
34
+ | E0277, E0308, E0599, E0407 | out-of-scope (compile-only — rustc's message is sufficient). But scan the reflexive "fix" for §A2 (reflexive `Arc<Mutex<T>>`), §A3 (`pub` to silence E0603), §C5 (`.clone()` to silence borrows) residue. |
35
+ | E0277 with `Send` / `Sync` in the bound | §B2 / §B15 / §B18 — the missing-`Send` is usually a symptom of a guard held across `.await`, a Pin/RPITIT mismatch, or a manual `unsafe impl Send` that was wrong. |
36
+ | E0596, E0594, E0502, E0499 | §C5 candidate (but check the ownership design first — don't slap `.clone()`) |
37
+ | E0106, E0495, E0521 | §B1 (lifetime laundering / leaking) |
38
+ | `clippy::await_holding_lock` | §B2 (but clippy catches ~30% — check hidden cases too) |
39
+ | `clippy::clone_on_copy`, `clippy::redundant_clone` | §C5 |
40
+ | `clippy::unwrap_used`, `clippy::expect_used` | §C2 |
41
+ | A path under an attacker-mutable directory is `canonicalize`d + `starts_with(base)`-checked, then `open`ed / read — escape reported despite the check | §C2 (TOCTOU — the static check is not race-free; CWE-367; use `openat`+`O_NOFOLLOW` or the `cap-std` crate when the tree is attacker-mutable) |
42
+ | `clippy::missing_safety_doc`, `clippy::undocumented_unsafe_blocks` | §B5 |
43
+ | panic "Cannot start a runtime from within a runtime" | §B15 (block_on inside async) |
44
+ | panic "cannot recursively acquire mutex" | §B9 (lock ordering / re-entry) |
45
+ | panic "PoisonError" / `poisoned lock` | §B2 (poisoning cascade) |
46
+ | Task hangs, `Poll::Pending` forever | §B15 (Waker not registered) |
47
+ | Deadlock without panic, two threads waiting on each other | §B9 |
48
+ | A `std::thread::scope` block hangs / never returns; or a child-thread panic re-panics the parent at the closing brace, skipping cleanup | §B9 (scope auto-joins on the brace — close the channel / drop the sender / signal cancellation *before* the scope ends; inspect each `ScopedJoinHandle::join()` when cleanup must run regardless) |
49
+ | Deadlock / all async workers wedge after touching a concurrent map (`DashMap`/`scc`); `clippy::await_holding_lock` stays silent | §B2 (a `Ref`/`RefMut` shard guard held across `.await` — store `Arc<OnceCell>`, clone out, drop the guard before awaiting) |
50
+ | One core spins; a flush/drain/leader loop never recovers and never exits, waiters keep getting `Err` | §B3a (coordinator livelock — release leadership and `return` on a persistent error; bound/back off any retry) |
51
+ | Steady-state RAM growth, OOM after days | §B10 (cycles) or §B14 (unbounded queue) |
52
+ | Latency spike under load, executor starvation | §B11 (blocking executor) |
53
+ | "Under load, `expensive_fetch` runs N times instead of 1" | §B13 (TOCTOU) |
54
+ | "Compiles and works on x86/dev, but garbage/race on ARM/AArch64; data published via an atomic is visible before the payload write" | §B13 (`Relaxed`-publish — use `Release`/`Acquire`, or `AcqRel`/`SeqCst` for RMW; model-check with `loom`) |
55
+ | "The message/request/write didn't happen but no error either" | §B8 (forgotten `.await`) |
56
+ | Encrypt/decrypt works, but security review finds a vulnerability | §B12 |
57
+ | `HashMap::get` returns `None` but the value was inserted | §B16 (Eq/Hash contract mismatch) |
58
+ | A worker pins at 100% CPU on a regex match / request times out on a specific input; the engine is `fancy-regex` / `onig` / `pcre2` | §B16 (ReDoS — catastrophic backtracking on untrusted input; keep untrusted input on the linear `regex` crate, else size-cap + hard match timeout) |
59
+ | panic `already borrowed: BorrowMutError` | §B17 (RefCell reentrant borrow) |
60
+ | `unsafe impl Send` / `unsafe impl Sync` without SAFETY justification | §B18 |
61
+ | `untagged` enum deserializes to wrong variant | §B20 (variant shape overlap) |
62
+ | Task started but no way to cancel or observe completion | §B21 (dropped JoinHandle) |
63
+ | Owner's `Drop` never runs / a periodic task outlives its owner / `_exits_on_drop` test hangs | §B21 (timer task holds a strong `Arc` to its owner — hold `Weak`, exit on `upgrade()==None`) |
64
+ | "Resource didn't close" / connection pool exhausted | §B22 (async Drop is not real) |
65
+ | `tokio::select!` arm side effect lost on cancellation | §B23 |
66
+ | "Timing-based authentication vulnerability" / CVE-class | §B24 (constant-time comparison) |
67
+ | "Panic crossed extern \"C\" boundary" / "process aborted in FFI" | §B25 |
68
+ | `attempt to ... with overflow` panic (debug) / wrong result only in release | §B26 (integer overflow: debug-panic vs release-wrap) |
69
+ | Numeric value wrong after a cast / `as` (`len() as u32`, `u64 as u32`) | §B26 (lossy conversion) |
70
+ | `attempt to divide by zero` / `attempt to calculate the remainder with a divisor of zero` | §B26 (div/rem by zero) |
71
+ | Duration looks wrong / negative / jumps; `.elapsed().unwrap()` panic | §B27 (wall-clock vs monotonic time) |
72
+ | panic `byte index N is not a char boundary` | §B28 (UTF-8 string slicing) |
73
+ | "string truncated mid-character" / non-ASCII corrupted | §B28 (char boundaries) |
74
+ | "Channel kind wrong for runtime" / async-blocks-on-sync-channel | §C8 |
75
+ | Tracing span missing in spawned task logs | §C9 |
76
+ | Workspace member's feature unexpectedly enabled in release | §C10 |
77
+ | `Deref` chain produces unexpected type / inheritance-style API breaks | §C11 |
78
+ | Test passes locally, flakes on CI / `thread::sleep` in test | §D1 |
79
+ | Test in `tests/` cannot compile after refactor | §D2 |
80
+ | New test is green even with the fix reverted / on pre-fix code; snapshot blessed from a brand-new implementation | §D1a (oracle validity — the oracle is the code itself; add a negative control) |
81
+ | A feature's tests are green but using it end-to-end fails or corrupts data; tests only check a config flag / header / status string — never exercise the behavior | §D1a (façade fitted to the test — Goodhart on the suite; add one end-to-end test that *uses* the feature, not just one that asserts it was announced) |
82
+ | Works in tests, breaks in prod: wrong arithmetic only in release, timeout only at real data sizes, race only under real concurrency | §D3 (test/prod divergence) — release-wrap → §B26, scale → §E3/§B7, interleaving → §B13/§B9 |
83
+ | CI reads green but a test actually hangs; `SLOW`/`TIMEOUT` lines never surfaced; test command piped through `grep`/`head` | §D4 (filtered live pipe without `set -o pipefail` masks the hang — gate on the runner or tee-to-file-then-grep; root-cause the hang) |
84
+ | Windows: `LNK1104: cannot open file '…exe'` on a test/bench binary after a flaky run | §D5 (a zombie test process holds its own `.exe` — reap stray `<crate>-<hex>.exe` at run start; the real fix is the hang, §D4) |
85
+ | Own tests and round-trip green, but interop with the real peer / reference implementation / published vectors fails | §F1 (spec conformance — both halves share the same misreading; verify against the external oracle) |
86
+ | Behavior contradicts what README/SECURITY.md/docs promise (token logged, untrusted input trusted, write not durable) | §F2 (documented guarantees — the doc, not the call graph, defines the boundary) |
87
+ | Connection/FD/gauge leaks on error paths; a peer that connects and stalls pins a task forever; EOF busy-loop or peer never sees close | §F3 (boundary/error-path lifecycle; §B21/§B4 twins; no-timeout read on untrusted peer) |
88
+ | `parse(display(x))` / `decode(encode(x))` corrupts data on special characters or boundary sizes | §F4 (round-trip law never tested over the domain — add the property test) |
89
+ | Feature never activates, code is dead | §C7 (feature typo) |
90
+ | Slow / high latency under load / high CPU / throughput collapses at scale | §E (systemic cost) — pick the law by shape: serial work → §E1, allocation → §E2, complexity/O(n²) → §E3, lock contention → §E4, recompute/Regex-in-loop → §E5; all under §E6 (measure first) |
91
+ | Two sequential `.await`s / not parallel / CPU-bound stalls the runtime | §E1 (`join!`/`buffer_unordered`/`JoinSet`; `spawn_blocking`/`rayon` for CPU-bound) |
92
+ | Too many allocations / high RSS / GC-like churn | §E2 (drop needless `clone`/`collect`/`format`; `with_capacity`, `Cow`/`&str`, reuse buffers) |
93
+ | Works fast on small input, quadratic at scale | §E3 (accidental O(n²); wrong container) |
94
+ | Lock contention / scales poorly across cores / `Mutex` hot | §E4 (atomics / `ArcSwap` / sharding) |
95
+ | "Need a faster HashMap" | §E4 (hasher choice) + §B16 — pick by trust boundary: fast hasher for trusted input, DoS-resistant for untrusted |
96
+ | Recompiles `Regex` / reparses every call / unbuffered I/O | §E5 (`LazyLock`; buffer I/O; reuse; lazy logging) |
97
+
98
+ If the symptom maps to **multiple** categories, list them all and explain which is primary.
99
+
100
+ 5. **Compose the answer:**
101
+ - **Category(ies):** `§XN` referencing the paragraph.
102
+ - **Real cause:** one or two sentences. Not a paraphrase of the symptom — why it arises in light of the spec's rule.
103
+ - **Why the "obvious" fix is bad** (when one exists — especially §C5 reflexive `.clone()`).
104
+ - **Right fix:** code or patch for the user's concrete example. If code wasn't shown — general form plus an explicit request to share the actual fragment.
105
+ - **Preventive rule** from the spec in one line: what to add to the style/checklist so it doesn't recur.
106
+ - **What to run after the fix:** the matching clippy lint / miri / tokio-console — from the Post-flight checklist.
107
+
108
+ ## Answer format
109
+
110
+ ```
111
+ ## §XN — <category name>
112
+
113
+ **Cause.** <…>
114
+
115
+ **The "obvious" fix that's also bad.** <when applicable — e.g. for a borrow error: "just add .clone()", per §C5>
116
+
117
+ **Right fix.**
118
+ ```rust
119
+ <patch>
120
+ ```
121
+
122
+ **Preventive rule.** <one line from the spec>
123
+
124
+ **Run after.** `cargo clippy -- -W clippy.await_holding_lock` (for §B2), `miri` (for §B5), `tokio-console` (for §B11), etc.
125
+ ```
126
+
127
+ ## Behavioral principles
128
+
129
+ - **Root cause, not symptom.** "Just add `.clone()` to make it compile" is a forbidden answer; see §C5. First ask whether ownership can be restructured.
130
+ - **Don't guess versions.** If the fix depends on a version (`axum::Server::bind` disappeared in 0.7), request `Cargo.toml` — don't invent.
131
+ - **Acknowledge uncertainty.** The spec warns explicitly: ~50% of LLM cancel-safety assessments in empirical testing were confidently wrong (§B3). If the symptom touches cancel-safety, enumerate every `.await` point and prove — don't assert.
132
+ - **Don't restate the solution in disguise.** If you've already named the cause as §B2, don't recite its rules in full — reference.
133
+
134
+ ## Limits
135
+
136
+ - Doesn't replace static analysis. If the user has lots of code and the location is unclear, redirect to `/rust-cc-audit`.
137
+ - Doesn't execute code. All fixes are textual suggestions; the user applies them.
@@ -0,0 +1,74 @@
1
+ ---
2
+ description: Before writing Rust — run the task through rust-intel's trigger table and Pre-flight checklist. Returns a plan, not code.
3
+ argument-hint: "<task description>"
4
+ ---
5
+
6
+ # /rust-cc-plan
7
+
8
+ Catches mistakes at the design stage, while rolling them back is still cheap. This is **not** a code generator — it's a structured pre-flight before you start.
9
+
10
+ ## Arguments
11
+
12
+ - `$ARGUMENTS` — task description in natural language. More detail → sharper plan.
13
+
14
+ ## Process
15
+
16
+ 1. **Load the `rust-intel` skill.** If unavailable, emit `⚠️ BLOCKED: skill rust-intel is not registered` and stop.
17
+
18
+ 2. **Pin the world.** Read `Cargo.toml` and `CLAUDE.md` (if present). Record versions. If they're missing or insufficient for the task, ask — don't invent.
19
+
20
+ 3. **Run the trigger table.** Match phrases from `$ARGUMENTS` against the trigger table in the `rust-intel` skill (the "Self-monitoring" section near the top of the spec). Record **every** activated category — the table is the source of truth for the phrase→category mapping; this command does not duplicate it. If ≥2 categories fire, flag the task as high-risk and enumerate exactly which ones the plan defends against.
21
+
22
+ 4. **Pre-flight checklist.** Walk the 7-question Pre-flight checklist defined at the end of the `rust-intel` skill (section "Pre-flight checklist"). For each question, ask the user only if the answer isn't already implied by context or by step 2. Don't ask all seven mechanically — that becomes noise. The skill is the canonical source of question wording; this command does not duplicate it.
23
+
24
+ 5. **Compose the plan.** Format:
25
+
26
+ ```
27
+ # Plan: <short task name>
28
+
29
+ ## Activated categories
30
+ - §B2 (Mutex across .await) — shared state between tasks
31
+ - §B3 (cancel safety) — timeout was mentioned
32
+ - §C2 (error handling) — public library function
33
+ **Risk level:** high (3 categories)
34
+
35
+ ## Context
36
+ - Stack: tokio 1.X, sqlx 0.Y (from Cargo.toml)
37
+ - Crate type: library / binary
38
+ - Idioms from CLAUDE.md: <if any>
39
+
40
+ ## Open questions (will block code-writing)
41
+ 1. Cancel-safety boundary: if the timeout fires after `db.commit()`, what behavior?
42
+ — retry / rollback / propagate?
43
+ 2. Backpressure policy for the event queue: block producer / drop oldest / drop newest?
44
+ 3. Trait `Storage` — sealed, or open to external impls?
45
+
46
+ ## Solution structure
47
+ 1. <step — module/function, and what matters about it for the activated categories>
48
+ 2. <step>
49
+ 3. ...
50
+
51
+ ## Risk points (flag upfront in the code)
52
+ - `handle_request` will use `tokio::select!` — needs an explicit `cancel-safe: yes/NO` annotation (§B3).
53
+ - `Arc<Mutex<State>>` in `AppState` — guard must NOT cross `.await` (§B2); critical section ≤ 10 lines.
54
+ - `process_batch` — bounded channel `mpsc::channel(N=?)` with an explicit policy (§B14).
55
+
56
+ ## After implementation (Post-flight)
57
+ - `cargo clippy -- -W clippy::await_holding_lock -W clippy::unwrap_used ...`
58
+ - If any `unsafe` is added — `cargo +nightly miri test`.
59
+ - Surface in the summary: `unsafe`, `unwrap`, `Arc<Mutex<_>>`, `unbounded_channel`, new dependencies (§A1 defense).
60
+ ```
61
+
62
+ 6. **If any blockers are unresolved — stop, don't proceed with the plan.** Emit a blocking message in the spec's canonical form listing what's needed from the user.
63
+
64
+ ## Behavioral principles
65
+
66
+ - **Don't write code.** Not even fragments, not even "for illustration". This command is the design phase.
67
+ - **Don't skip triggers.** If a phrase in the task activates a category, it belongs in the list — even if it seems "not relevant here". The spec is built around the fact that LLMs systematically misjudge category relevance.
68
+ - **Trait hierarchies — text before approval** (operating mode rule 3). If the task needs a new public trait, describe the signatures in the plan and mark "requires confirmation before impl".
69
+ - **Crypto — special mode** (§B12). If activated, the plan must contain a "Threat model: <…> — requires confirmation" section; code doesn't start without it.
70
+
71
+ ## Limits
72
+
73
+ - The plan defends against categories that **exist in the spec**. New bug classes (see draft categories in `docs/roadmap.md`) aren't covered until they migrate into the main ruleset.
74
+ - This isn't a full architectural review. It's a pre-flight against the risk matrix, not a design doc.
package/package.json ADDED
@@ -0,0 +1,37 @@
1
+ {
2
+ "name": "rust-intel-cc",
3
+ "version": "0.4.5",
4
+ "description": "Defense against LLM Rust failure modes for Claude Code: 58 categories of bugs that survive rustc, clippy, and cargo test. npx installer for the rust-intel skill + /rust-cc-* commands.",
5
+ "bin": {
6
+ "rust-intel-cc": "bin/install.js"
7
+ },
8
+ "files": [
9
+ "bin/",
10
+ "skill/",
11
+ "commands/rust-intel-cc/",
12
+ "CHANGELOG.md",
13
+ "LICENSE-MIT",
14
+ "LICENSE-APACHE"
15
+ ],
16
+ "engines": {
17
+ "node": ">=16"
18
+ },
19
+ "repository": {
20
+ "type": "git",
21
+ "url": "git+https://github.com/PHPCraftdream/rust-intel.git"
22
+ },
23
+ "homepage": "https://github.com/PHPCraftdream/rust-intel#readme",
24
+ "bugs": "https://github.com/PHPCraftdream/rust-intel/issues",
25
+ "keywords": [
26
+ "rust",
27
+ "claude-code",
28
+ "claude",
29
+ "code-review",
30
+ "audit",
31
+ "llm",
32
+ "correctness",
33
+ "security"
34
+ ],
35
+ "author": "Marat K <phpcraftdream@gmail.com>",
36
+ "license": "(MIT OR Apache-2.0)"
37
+ }