golang-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override system prompts, bypass safety filters, or use role-play for jailbreaking.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected.
- [Obfuscation] (SAFE): No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were found in the markdown or code snippets.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard Go packages and trusted sub-repositories (
golang.org/x/time/rate). There are no commands to download or execute untrusted scripts or packages. - [Privilege Escalation] (SAFE): No use of
sudo,chmod, or other commands for acquiring elevated permissions. - [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, cron jobs, or system services for persistence.
- [Metadata Poisoning] (SAFE): Metadata fields are used appropriately for skill description and authorship without deceptive instructions.
- [Indirect Prompt Injection] (SAFE): The skill provides static reference material and does not ingest untrusted data from external sources during execution.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic gates based on time, environment, or usage counters were detected.
- [Dynamic Execution] (SAFE): The skill contains static code examples for reference and does not perform any dynamic code generation or execution at runtime.
Audit Metadata