golang
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The script scripts/lint.sh contains an installation function that downloads an external binary. Evidence: Line 53 in scripts/lint.sh executes 'go install' for 'golangci-lint'. Context: This is a standard procedure for Go development tools. Although the 'golangci' organization is not on the explicit trusted list, the project is a widely recognized industry standard. The risk is mitigated by the use of a specific version tag (v1.62.0) and the official Go package manager.
- COMMAND_EXECUTION (SAFE): Both scripts execute shell commands like find and gofmt. Evidence: Usage of find and direct calls to Go utilities. Context: These operations are restricted to the local filesystem and are typical for development tools.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata