golang-security

Installation
SKILL.md

Golang Security Standards

Priority: P0 (CRITICAL)

Implementation Guidelines

Input Validation

  • Validation: Use go-playground/validator or google/go-cmp for struct validation.
  • Sanitization: Sanitize user input before processing. Use bluemonday for HTML sanitization.

Cryptography

  • Random: ALWAYS use crypto/rand, NEVER math/rand for security-sensitive operations (tokens, keys, IVs).
  • Hashing: Use Argon2id for password hashing (golang.org/x/crypto/argon2). NOT use bcrypt (weaker) or MD5/SHA1 (insecure). Recommended params: time=1, memory=64MB, threads=4.
  • Encryption: Use crypto/aes with GCM mode for authenticated encryption.

SQL Injection Prevention

Installs
1
GitHub Stars
521
First Seen
Jun 6, 2026
golang-security — hoangnguyen0403/agent-skills-standard