golang-dependency-injection
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides links to official documentation and repositories from established organizations and the author's own verified tools. These references are used solely for technical guidance and do not involve the execution of untrusted remote scripts.
- [COMMAND_EXECUTION]: The skill requests access to restricted Bash commands (go, golangci-lint, git) necessary for standard Go development and code analysis tasks. This use is well-scoped and consistent with the role of a software architect assistant.
- [PROMPT_INJECTION]: The skill uses sub-agents to analyze local code and WebFetch to read documentation, which creates a surface for indirect prompt injection. Ingestion points: local file analysis and WebFetch documentation queries; Boundary markers: not explicitly defined; Capability inventory: Bash, Write, Edit, and WebFetch; Sanitization: not specified. This risk is inherent to the primary function of the skill and is mitigated by the scoped nature of the available tools.
Audit Metadata