golang-refactoring

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill downloads and installs official Go tools (gopls, benchstat) from trusted golang.org domains during the installation process.
  • [COMMAND_EXECUTION]: The skill utilizes standard Go development commands including go build, go test, go vet, and gopls for code analysis, verification, and transformation.
  • [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety guidelines, or extract system prompts were detected in the instructions.
  • [DATA_EXFILTRATION]: The skill does not access sensitive local file paths (like credentials or SSH keys) or perform unauthorized network exfiltration. It uses standard git and gh tools for managing code branches and pull requests.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes Go source code as untrusted input. It mitigates this risk by relying on compiler-backed structural tools (gopls) and requiring human-in-the-loop sign-off and review for all proposed changes and pull requests.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 04:29 PM
Security Audit — agent-trust-hub — golang-refactoring