golang-design-patterns
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious commands, obfuscation, or data exfiltration patterns were found. The instructions and code examples provide legitimate best practices for Go development.
- [SAFE]: The skill metadata correctly attributes the work to 'samber' and provides a matching homepage. This accurate attribution reflects normal project management rather than metadata poisoning.
- [PROMPT_INJECTION]: The skill's 'Review mode' audits project source code, creating a potential surface for indirect prompt injection if the audited files contain adversarial instructions.
- Ingestion points: Audited project source code via
ReadandGreptools as specified inSKILL.mdand used during 'Review mode'. - Boundary markers: No specific instructions or delimiters are provided to help the agent distinguish between code content and potential instructions embedded in comments.
- Capability inventory: The agent has permissions for file modification (
Write,Edit) and development-related command execution (go,git,golangci-lint), allowing for significant environment changes if an injection occurs. - Sanitization: No content sanitization or validation of the audited source code is performed before processing.
Audit Metadata