go-fundamentals
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): No external downloads or remote dependencies are referenced in the skill.- [COMMAND_EXECUTION] (SAFE): The skill includes a Python validation script ('scripts/validate.py') that performs safe directory and YAML checks. It does not execute arbitrary shell commands.- [DATA_EXFILTRATION] (SAFE): No network activity or sensitive file access patterns were detected. The skill uses 'yaml.safe_load' for configuration parsing, which prevents common YAML-based attacks.- [OBFUSCATION] (SAFE): All content is in clear text; no Base64, zero-width characters, or homoglyphs are present.- [REMOTE_CODE_EXECUTION] (SAFE): There are no instances of downloading and executing remote code (e.g., 'curl | bash').- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes Go-related topics provided via parameters. While it ingests external input, it lacks the dangerous capabilities (like network access or file system write permissions) required to exploit this surface.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata