The Agent Skills Directory

[PROMPT_INJECTION]: The skill provides instructional guidelines for Go development and does not contain any attempts to override safety filters, bypass system prompts, or manipulate agent behavior.
[DATA_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file harvesting, or external data transmission was found. The skill correctly instructs developers to use environment variables for configuration.
[REMOTE_CODE_EXECUTION]: The skill does not perform any remote downloads or execution of external scripts. All code references target official project dependencies from the SAP CC organization.
[COMMAND_EXECUTION]: The included utility scripts (e.g., check-sapcc-auth-ordering.sh) are static analysis tools designed to scan local Go source files using standard utilities like grep and find. They do not execute arbitrary shell commands or perform dangerous filesystem operations.
[SAFE]: The skill includes security-positive features, such as a list of forbidden libraries to prevent the adoption of packages with known vulnerabilities (e.g., go-jose.v2) and automated checks to ensure authentication is performed before resource loading in API handlers.

go-sapcc-conventions