golang
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's code or instructions.
- [COMMAND_EXECUTION]: The skill documents the use of standard Go toolchain commands (e.g.,
go run,go build,go test) for local project development and execution. - [EXTERNAL_DOWNLOADS]: Fetches library documentation and configuration from well-known technology organizations and public repositories (e.g., Google, Uber, Gin-Gonic, Sourcegraph) using standard utilities like
go getandgh search. - [PROMPT_INJECTION]: Identifies a potential surface for indirect prompt injection as the skill retrieves and processes external documentation. Ingestion points:
query-docsandgh search codeinSKILL.mdfetch content from external GitHub repositories. Boundary markers: None present. Capability inventory: The skill includes documentation for subprocess execution and dependency management. Sanitization: No explicit sanitization of retrieved documentation content is described, though this is typical for development-focused skills.
Audit Metadata