backend-go-continuous-integration
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configures workflows that download and use various third-party GitHub Actions and tools. These include actions/checkout, actions/setup-go, golangci/golangci-lint-action, aquasecurity/trivy-action, securego/gosec, bearer/bearer-action, codecov/codecov-action, and goreleaser/goreleaser-action. All identified sources are from well-known technology companies or official security tool repositories.
- [COMMAND_EXECUTION]: The skill provides templates that execute shell commands within GitHub Actions, such as go test, go build, go mod tidy, and docker build. These are standard development operations.
- [SAFE]: The skill demonstrates a strong security posture by including multiple security scanning tools (govulncheck, gosec, CodeQL, Bearer, Trivy) and providing detailed guidance on repository security hardening (branch protection, least-privilege permissions).
Audit Metadata