go-api-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions were found that attempt to bypass safety filters or override core agent behavior. The instruction to follow user requirements 'to the letter' is standard for code generation tasks.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. The guidelines explicitly recommend avoiding the logging of sensitive information.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill emphasizes the use of the Go standard library and contains no package installations or remote script executions.
- Indirect Prompt Injection (SAFE): The skill creates a surface for processing user-provided requirements to generate code but mitigates risk by requiring input validation and sanitization as core principles. (1) Ingestion points: User-provided API requirements in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: Go code generation. (4) Sanitization: The instructions explicitly mandate input validation and sanitization to prevent injection attacks.
Audit Metadata