Skills
skills/openclaw/skills/go-linter-configuration/Gen Agent Trust Hub

go-linter-configuration

Fail

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill initiates the execution of a remote shell script from GitHub by piping the output of a curl command into the sh interpreter.
  • Evidence: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh is used in the skill metadata installation script and the README instructions.
  • [COMMAND_EXECUTION]: The skill performs system-level command execution to install development tools, including writing to protected system directories.
  • Evidence: tar -C /usr/local -xzf - is used to install the Go language distribution.
  • [EXTERNAL_DOWNLOADS]: The skill fetches resources from external domains during the installation phase.
  • Evidence: Fetches the Go language package from golang.org (a Google-owned domain).
  • Evidence: Fetches the linter installation script from raw.githubusercontent.com.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 4, 2026, 01:33 PM