I'd like to propose a new reference skill for Project CodeGuard that guides AI coding agents through secure migration from memory-unsafe languages (C, C++) to memory-safe languages (Rust, Go, Java, C#, Swift), aligned with CISA/NSA memory safety guidance and secure-by-design principles.
This skill addresses a gap that sits at the intersection of CodeGuard's mission and an increasingly urgent industry need. AI coding agents are accelerating software development, but they're equally happy generating new C/C++ code as they are generating Rust or Go. Without explicit guidance, agents default to whatever language the project already uses; perpetuating memory-unsafe codebases even when a safe alternative is viable.
Instead of just having the reference directory called "owasp", we should change it to something like "additional skills" and add this there.
Motivation
Memory safety vulnerabilities (buffer overflows, use-after-free, dangling pointers, double-free, data races) remain the root cause of 60-70% of critical CVEs in major software projects. Government and industry guidance has converged on memory-safe languages as the most effective mitigation:
- CISA/NSA (2025): "Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development" — urges adoption of MSLs as the most comprehensive mitigation against memory vulnerabilities
- CISA (2023): "The Case for Memory Safe Roadmaps" — called for organizations to publish memory safety roadmaps by January 1, 2026
- White House ONCD (2024): "Back to the Building Blocks" — laid out a national plan for MSL adoption
- Google Android case study: By writing all new code in memory-safe languages (Rust, Java) starting in 2019, Android reduced memory safety vulnerabilities from 76% to 24% of total CVEs by 2024 — without rewriting existing code
Additionally, recent advanced AI models like Mythos/Project Glasswing are dramatically accelerating vulnerability discovery, making memory-unsafe code an increasingly attractive and exploitable target. We specifically recommends that organizations replace legacy systems with modern platforms featuring memory safety mechanisms and exploit mitigations.
CodeGuard already covers cryptography, input validation, authentication, authorization, supply chain, and cloud security. A memory-safe migration skill would close an important gap, ensuring that AI coding agents don't just write functionally correct code, but write code in languages that eliminate entire vulnerability classes by design.
What the skill covers
Proactive prevention (the most important part)
When an AI agent is about to generate new C/C++ code, the skill checks whether a memory-safe alternative is viable and defaults to it. This is the "secure-by-default" behavior — preventing new unsafe code before it's written.
Migration guidance
When explicitly migrating code, the skill provides:
- Assessment checklist — scored priority evaluation covering vulnerability history, exposure surface, AI risk acceleration, and feasibility factors
- Language selection guide — decision matrix mapping use cases to recommended MSLs (Rust for systems/crypto/network, Go for services/CLI, Java/C# for enterprise, Swift for Apple platforms)
- FFI boundary security rules — treating every interface between safe and unsafe code as a security boundary, with rules for input validation, memory ownership, panic safety, thread safety, and string encoding
- Common migration patterns — side-by-side C/C++ → Rust/Go/Java code for buffers, strings, linked structures, concurrency, error handling, file I/O, and network servers
- Validation requirements — functional equivalence, fuzzing, sanitizers, benchmarking, dependency audit
- Anti-patterns — false safety wrappers, excessive
unsafe, migrating without tests, ignoring error handling differences
CodeGuard unified source rule
Enforceable rules including:
- Default to memory-safe languages for new code
- Banned unsafe C functions (gets, strcpy, strcat, sprintf, vsprintf) with safe replacements
- Minimize and document
unsafe blocks in Rust
- Validate all inputs at FFI boundaries
- Enforce memory ownership across FFI (allocator that created memory must free it)
- Never panic across FFI boundaries
- Use safe concurrency patterns
- Proper resource management in GC languages
Assessment script
A Python script (assess-migration.py) that statically analyzes C/C++ source files and produces a prioritized migration report based on unsafe function usage, network exposure, pointer arithmetic, buffer declarations, concurrency patterns, and cryptographic code. Supports both human-readable and JSON output for CI/CD integration.
Proposed file structure
memory-safe-migration/
├── SKILL.md # Main skill (Agent Skills standard)
├── scripts/
│ └── assess-migration.py # Static analysis assessment tool
├── references/
│ ├── language-selection.md # Target language decision matrix
│ ├── ffi-security.md # FFI boundary security rules
│ ├── migration-patterns.md # C/C++ → MSL code patterns
│ └── assessment-checklist.md # Priority scoring checklist
└── README.md # Documentation
Implementation
I have a complete working implementation ready to submit as a PR, including:
- SKILL.md following the Agent Skills open standard (agentskills.io) with progressive disclosure
- Four reference documents with detailed guidance and code examples in Rust, Go, Java, and C
- A tested Python assessment script
- A CodeGuard unified source rule with YAML frontmatter
The skill has been tested against sample C codebases and correctly identifies and prioritizes vulnerable components for migration.
I'd like to propose a new reference skill for Project CodeGuard that guides AI coding agents through secure migration from memory-unsafe languages (C, C++) to memory-safe languages (Rust, Go, Java, C#, Swift), aligned with CISA/NSA memory safety guidance and secure-by-design principles.
This skill addresses a gap that sits at the intersection of CodeGuard's mission and an increasingly urgent industry need. AI coding agents are accelerating software development, but they're equally happy generating new C/C++ code as they are generating Rust or Go. Without explicit guidance, agents default to whatever language the project already uses; perpetuating memory-unsafe codebases even when a safe alternative is viable.
Instead of just having the reference directory called "owasp", we should change it to something like "additional skills" and add this there.
Motivation
Memory safety vulnerabilities (buffer overflows, use-after-free, dangling pointers, double-free, data races) remain the root cause of 60-70% of critical CVEs in major software projects. Government and industry guidance has converged on memory-safe languages as the most effective mitigation:
Additionally, recent advanced AI models like Mythos/Project Glasswing are dramatically accelerating vulnerability discovery, making memory-unsafe code an increasingly attractive and exploitable target. We specifically recommends that organizations replace legacy systems with modern platforms featuring memory safety mechanisms and exploit mitigations.
CodeGuard already covers cryptography, input validation, authentication, authorization, supply chain, and cloud security. A memory-safe migration skill would close an important gap, ensuring that AI coding agents don't just write functionally correct code, but write code in languages that eliminate entire vulnerability classes by design.
What the skill covers
Proactive prevention (the most important part)
When an AI agent is about to generate new C/C++ code, the skill checks whether a memory-safe alternative is viable and defaults to it. This is the "secure-by-default" behavior — preventing new unsafe code before it's written.
Migration guidance
When explicitly migrating code, the skill provides:
unsafe, migrating without tests, ignoring error handling differencesCodeGuard unified source rule
Enforceable rules including:
unsafeblocks in RustAssessment script
A Python script (
assess-migration.py) that statically analyzes C/C++ source files and produces a prioritized migration report based on unsafe function usage, network exposure, pointer arithmetic, buffer declarations, concurrency patterns, and cryptographic code. Supports both human-readable and JSON output for CI/CD integration.Proposed file structure
Implementation
I have a complete working implementation ready to submit as a PR, including:
The skill has been tested against sample C codebases and correctly identifies and prioritizes vulnerable components for migration.