go-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown and text files providing programming guidance. No scripts or executable files (Python, Node.js, Shell) are included or executed.
- [EXTERNAL_DOWNLOADS] (SAFE): No remote resources or external packages are downloaded or referenced for execution.
- [CREDENTIALS_UNSAFE] (SAFE): Code examples demonstrate the secure practice of loading secrets from environment variables (e.g., os.Getenv('API_KEY')). No hardcoded credentials or sensitive tokens are present.
- [Malicious URL Alert] (SAFE): An automated scanner flagged the text 'client.Do' as a phishing URL. This is a false positive; 'client.Do' is a fundamental method in the Go standard library (net/http) for executing HTTP requests and is used here in a generic, non-malicious code snippet.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata