golangci-lint-strict
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches a
.golangci.ymlconfiguration file from the external repositorygithub.com/powerman/golangci-lint-strict. - [COMMAND_EXECUTION]: The agent executes a bundled shell script
assets/install-strict-config.shto manage the secure download and verification process. - [COMMAND_EXECUTION]: The skill invokes the
golangci-linttool to run linting operations on the project. - [PROMPT_INJECTION]: Indirect Injection Surface Analysis:
- Ingestion points: External YAML configuration file downloaded via
curlorwgetinassets/install-strict-config.sh. - Boundary markers: The script includes a specific check for an
# Origin:header to ensure the downloaded content matches the expected source and version. - Capability inventory: Subprocess execution for the installation script and the linter tool.
- Sanitization: Implements a refusal to overwrite existing configuration files and uses a temporary file for download verification before final placement.
Audit Metadata