golang-gopls
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified. The skill facilitates standard Go development tasks using official language server protocols.
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs the official 'gopls' binary from 'golang.org/x/tools/gopls@latest'. These are well-known, trusted resources within the Go ecosystem.
- [COMMAND_EXECUTION]: The skill utilizes shell commands scoped to standard developer tools including 'go', 'gopls', 'git', and 'golangci-lint'. Access is restricted via 'allowed-tools' prefixes to ensure the agent operates within expected boundaries.
- [DATA_EXPOSURE]: The skill processes local source code to provide code intelligence. Analysis shows no evidence of sensitive file access (e.g., SSH keys, AWS credentials) or unauthorized network exfiltration. Network activity is limited to standard Go proxy operations for dependency resolution.
Audit Metadata