Skills
skills/julianobarbosa/claude-code-skills/writing-go/Gen Agent Trust Hub

writing-go

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill recommends installing a third-party tool using go install github.com/vektra/mockery/v2@latest in TESTING.md. This repository is not on the trusted list, representing an unverifiable dependency installation at runtime.
  • COMMAND_EXECUTION (LOW): SKILL.md contains bash commands for building, testing, and linting (go build, go test, golangci-lint). These are standard development tasks but represent a capability that should be monitored when used with untrusted code.
  • PROMPT_INJECTION (LOW): A surface for indirect prompt injection exists through the analysis of external code. 1. Ingestion points: Read, Grep, and Glob tools. 2. Boundary markers: None present. 3. Capability inventory: Bash tool usage for build/test. 4. Sanitization: No evidence of sanitization for ingested code is mentioned.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 05:59 PM