sota-golang
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a high-quality defensive guide for Go development, explicitly instructing agents on how to prevent SQL injection, command injection, path traversal, and sensitive data exposure.
- [SAFE]: Command execution is restricted to standard Go toolchain commands (e.g.,
go test,go vet,govulncheck) and localgreppatterns used for static code analysis during audits. - [SAFE]: No obfuscation techniques, hidden URLs, or credential exfiltration patterns were detected. The skill contains instructions to identify such issues in third-party codebases.
- [SAFE]: External references are limited to trusted Go ecosystem tools and well-known services such as Cloudflare, Vercel, and standard Go package registries.
Audit Metadata