Skills
skills/projanvil/mindforge/go-development/Gen Agent Trust Hub

go-development

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The file modern-go.md contains a shell command prefixed with ! intended for the agent to execute. This command searches the local filesystem for go.mod files to extract the Go version.
  • Evidence: !grep -rh "^go " --include="go.mod" . 2>/dev/null | cut -d' ' -f2 | sort | uniq -c | sort -nr | head -1 | xargs | cut -d' ' -f2 | grep . || echo unknown.
  • [PROMPT_INJECTION]: The automated version detection in modern-go.md reads content from user-controlled project files (go.mod) directly into the agent's context. This establishes an indirect prompt injection vector where malicious content in those files could influence agent behavior.
  • Ingestion points: Local go.mod files accessed via the grep command in modern-go.md.
  • Boundary markers: None.
  • Capability inventory: Shell command execution and Go code generation based on the detected version.
  • Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 01:54 PM