go-release
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides transparent templates for generating release configurations and CI/CD workflows, which is consistent with its stated purpose of automating Go application distribution.
- [EXTERNAL_DOWNLOADS]: Integrates with well-known and reputable services, including the official GoReleaser tool and standard GitHub Actions from verified publishers, to facilitate builds and deployments.
- [CREDENTIALS_UNSAFE]: Correctly implements security best practices by instructing users to store sensitive tokens (like
TAP_GITHUB_TOKEN) in GitHub Secrets rather than hardcoding them in configuration files. - [COMMAND_EXECUTION]: Configures standard development lifecycle commands such as
go test,go mod tidy, andgo buildwithin isolated GitHub Actions runners, posing no risk to the local environment.
Audit Metadata