golang-continuous-integration
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides robust, security-oriented CI/CD templates for Golang projects, incorporating comprehensive vulnerability scanning and SAST tools such as govulncheck, gosec, CodeQL, and Bearer.
- [SAFE]: It emphasizes best practices for repository security, including explicit instructions to set the GITHUB_TOKEN to read-only by default, implement branch protection rules, and use manual approval gates for releases.
- [SAFE]: The skill utilizes well-known and reputable GitHub Actions from trusted organizations and established technology providers, such as Docker, Codecov, and the SecureGo project.
- [SAFE]: It includes specific security warnings regarding workflows that require elevated permissions (e.g., auto-merging or releases) and provides clear guidance on using guards like actor checks and branch protection to mitigate risks.
Audit Metadata