golang-modernize
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate Go code modernization instructions based on official release notes (Go 1.21
- 1.26).
- [SAFE]: It recommends security best practices, such as replacing manual path validation with the
os.RootAPI to mitigate path traversal vulnerabilities (CWE-22). - [SAFE]: External tool recommendations, such as
govulncheckfromgolang.org/x/vuln, target official and well-known Go project repositories. - [SAFE]: All file operations (
go.mod,.modernize) and command executions (go,golangci-lint,git) are standard for Go development workflows and are appropriately restricted in the allowed-tools configuration. - [SAFE]: The skill includes a potential indirect prompt injection surface as it processes untrusted project data (source code,
go.mod). However, this is inherent to its primary purpose of code analysis and modernization, and no specific exploitable patterns or bypasses were found.
Audit Metadata