go
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes a restricted bash tool
Bash(go:*)to execute Go-specific commands. This limitation prevents the execution of arbitrary shell commands outside the Go toolchain. - [EXTERNAL_DOWNLOADS] (SAFE): The use of
go mod downloadis a standard and expected operation for Go development to retrieve project dependencies from their respective repositories. - [REMOTE_CODE_EXECUTION] (SAFE): While
go runexecutes code, this is the primary and intended purpose of a Go programming skill. There are no patterns suggesting the execution of untrusted remote scripts or piped network content. - [INDIRECT_PROMPT_INJECTION] (LOW): As a coding tool, the skill may ingest third-party source code via
go mod download. While this is a known attack surface for LLMs, the skill does not exhibit specific vulnerabilities beyond the inherent risks of processing external source code.
Audit Metadata