golang-dependency-management
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches 'govulncheck' from the official Go organization and other established community auditing tools ('go-mod-outdated', 'goweight', 'go-size-analyzer') via the standard 'go install' command.
- [COMMAND_EXECUTION]: Employs 'Bash' to execute standard Go toolchain commands, 'git', and auditing binaries for dependency management and project analysis tasks.
- [SAFE]: Explicitly requires user confirmation before the AI agent adds any new dependencies, significantly reducing the risk of supply-chain attacks or accidental package inclusion.
- [SAFE]: Mandates keeping 'go.sum' in the repository so the Go toolchain verifies every downloaded module against its recorded hash ('go mod verify' re-checks the module cache against those entries), and mandates 'govulncheck' for proactive vulnerability scanning against the Go vulnerability database, following industry best practices for Go security.
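As an added example (not code from the audited skill or from the Go project), the following POSIX shell script shows how the two safeguards above fit together: a wrapper around 'go get' that refuses to run without an explicit confirmation argument, followed by 'go mod verify' and 'govulncheck', plus a shape check for 'go.sum' entries that catches truncated or hand-edited hashes. The module names, the placeholder hashes and the 'yes' confirmation token are constructed for illustration.

```shell
#!/bin/sh
# Added example: a confirmation-gated "go get" wrapper and a go.sum entry
# checker. Not part of the audited skill; module names and hashes below are
# constructed placeholders.

# A go.sum entry has the shape "<module> <version>[/go.mod] h1:<base64>".
# The h1 hash is a SHA-256 (32 bytes), so its base64 form is 43 characters
# followed by a single "=". Anything else is a malformed or edited entry.
gosum_line_ok() {
    printf '%s\n' "$1" | grep -Eq '^[^ ]+ v[^ ]+ h1:[A-Za-z0-9+/]{43}=$'
}

# Check every non-empty line of a go.sum passed as a string.
# Returns 1 (and names the offending line) on the first malformed entry.
gosum_ok() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        [ -z "$line" ] && continue
        gosum_line_ok "$line" || {
            echo "bad go.sum entry: $line" >&2
            exit 1
        }
    done
}

# Confirmation gate: the second argument must be the literal "yes" before
# the module graph is touched. Returns 2 without running any go command
# when confirmation is missing; otherwise adds the module, re-verifies the
# module cache against go.sum, and scans the project for known CVEs.
add_dep() {
    module="$1"
    confirm="${2:-}"
    if [ "$confirm" != "yes" ]; then
        echo "refusing to add $module: no explicit user confirmation" >&2
        return 2
    fi
    go get "$module" \
        && go mod verify \
        && govulncheck ./...
}

# Placeholder hash of the correct length (43 copies of one character + "=").
# These are NOT real module hashes; they only exercise the format check.
fake_h1() {
    awk -v c="$1" 'BEGIN { for (i = 0; i < 43; i++) printf "%s", c; printf "=" }'
}

# Constructed sample go.sum content: one module zip entry and its go.mod entry.
SAMPLE_GOSUM="example.com/good v1.2.0 h1:$(fake_h1 A)
example.com/good v1.2.0/go.mod h1:$(fake_h1 B)"

# Constructed tampered entry: the hash has been truncated.
TAMPERED_GOSUM='example.com/good v1.2.0 h1:AAAA='

# Usage from an agent workflow (hypothetical module path):
#   gosum_ok "$(cat go.sum)" && add_dep example.com/some/module yes
```

The gate is deliberately a positional token rather than an interactive prompt so it works the same whether a human or an agent drives the shell: the only way to reach 'go get' is to pass the confirmation explicitly, which is the audit's point about user confirmation. The go.sum check is a format check only; the cryptographic comparison of module contents against the recorded hashes is done by the Go toolchain itself during 'go get' and 'go mod verify'.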
Audit Metadata