golang-mastery-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides utility scripts (
scripts/go_sanity.ps1andscripts/go_security.ps1) for local development environments. These scripts execute standard Go commands such asgo test,go vet, andgo mod verify. They also include optional integration with established industry-standard linters likegolangci-lint,govulncheck,gosec, andstaticcheck. All commands are targeted at local code validation and do not involve unauthorized access or risky execution patterns. - [DATA_EXFILTRATION] (SAFE): There are no patterns suggesting the exfiltration of sensitive data. In fact, the skill includes explicit documentation and code examples (e.g., in
references/auth.mdandreferences/security.md) that instruct the user to avoid hardcoding secrets and to use secure environment variable management. - [PROMPT_INJECTION] (SAFE): The instructional content in
SKILL.mdis limited to task-specific guidance (e.g., 'Prefer small, end-to-end changes') and does not contain any markers for bypassing safety filters, disregarding previous instructions, or extracting system prompts. - [EXTERNAL_DOWNLOADS] (SAFE): The skill does not perform any remote downloads. While it mentions the use of external tools like
golangci-lint, it checks for their existence locally before attempting to run them.
Audit Metadata