golang-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is intended for tasks like reviewing and refactoring Go code, which involves processing untrusted source code. This creates a surface for indirect prompt injection if the code under review contains malicious instructions. Ingestion points: User-provided Go source code during analysis or refactoring. Boundary markers: Absent; there are no instructions to the agent to ignore commands within the analyzed code. Capability inventory: The skill references Go CLI tools like 'go build' and 'go run' which may reflect agent capabilities. Sanitization: Absent; the skill does not define methods for validating input code.
- [EXTERNAL_DOWNLOADS]: The skill references 'go mod tidy' and the 'golang.org/x/sync/errgroup' library, which are trusted and official components of the Go ecosystem.
- [SAFE]: All Go code examples provided are idiomatic and follow security best practices, with no hardcoded credentials or malicious logic identified.
Audit Metadata