backend-go-security
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a specialized security documentation and auditing resource. It establishes a 'Senior Go security engineer' persona to guide the agent in conducting thorough codebase reviews and audits according to established methodologies like STRIDE and DREAD.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install and use well-known security tools from the Go ecosystem, specifically gosec (github.com/securego/gosec) and govulncheck (golang.org/x/vuln). These are trusted resources commonly used for static analysis and vulnerability identification in professional development environments.
- [PROMPT_INJECTION]: The skill has an inherent indirect prompt injection surface because it is designed to analyze untrusted source code. It uses ingestion tools such as Read and Grep to process codebase data and has capability tools like Write and Bash for implementing fixes or running tests. It does not include explicit boundary markers for separating code from instructions, but this functionality is necessary for its primary purpose as an auditing tool and does not represent malicious intent within the skill itself.
Audit Metadata