go-oss-maintainer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches the latest release version of 'golangci-lint' from GitHub's official API (api.github.com) to populate CI/CD workflow templates.
- [COMMAND_EXECUTION]: Executes standard Go CLI tools including 'go version', 'go mod tidy', 'go mod verify', and 'go tool' to manage project dependencies and local environments.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted data from the repository it maintains.
  - Ingestion points: Reads local repository files such as 'go.mod' and environment details to inform its actions.
  - Boundary markers: None; repository content is processed without explicit delimiters or instructions to ignore embedded commands.
  - Capability inventory: The agent has the ability to write or modify project files (e.g., '.gitignore', GitHub Actions workflows) and execute commands via the Go toolchain.
  - Sanitization: No sanitization or validation of repository-provided content is performed before it is used to influence the agent's output or file-writing tasks.
Audit Metadata