golang-project-layout
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access commands were identified. The skill primarily consists of documentation and configuration templates.
- [DATA_EXFILTRATION]: The skill demonstrates security-positive behavior by explicitly instructing the agent and developer to use environment variables or secret managers for sensitive data (DSNs, passwords, API keys) and specifically warning against hardcoding these values in configuration files.
- [REMOTE_CODE_EXECUTION]: The included Makefile uses standard, well-known Go ecosystem tools (golangci-lint, govulncheck, air, goweight) for development workflows. No suspicious remote script execution or unverified binary downloads were found.
- [PROMPT_INJECTION]: The skill instructions emphasize a user-centric approach, requiring the agent to ask for developer input on architecture and dependency injection before making changes, which maintains human-in-the-loop control.
Audit Metadata