go-create-validator
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill contains instructional content for code generation. No patterns associated with bypassing safety filters or overriding system instructions were found.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local files or perform network requests. It uses placeholder import paths (e.g.,
github.com/cristiano-pacheco/pingo) which are standard for Go project scaffolding. - Remote Code Execution (SAFE): No remote scripts are downloaded or executed. The workflow section mentions standard development commands (
make test,make lint,make nilaway) which are intended for local environment use by the developer. - Indirect Prompt Injection (SAFE): While the skill uses placeholders like
<module>for code generation, it follows standard templating practices within markdown code blocks. It does not ingest untrusted external data from APIs or web sources.
Audit Metadata