go-feature-flag
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the project's command-line interface using
go install github.com/thomaspoignant/go-feature-flag/cmd/goff@latest. This targets the official repository for the GO Feature Flag utility. - [COMMAND_EXECUTION]: Provides various shell commands for validating flag configurations (
goff lint), running testing environments (docker run), and performing health checks or evaluation tests viacurl. These operations are consistent with the skill's primary purpose of feature flag management. - [CREDENTIALS_UNSAFE]: The documentation references the use of sensitive environment variables such as
GITHUB_TOKENandNOTIFIER_SLACK_WEBHOOK_URL. It follows security best practices by using descriptive placeholders (e.g.,ghp_xxxx,xxx) instead of hardcoding functional credentials.
Audit Metadata