Go Code Review
v2.3.0Reviews Go code for idiomatic patterns, error handling, concurrency safety, and common mistakes. Use when reviewing .go files, checking error handling, gorou...
⭐ 0· 85·1 current·1 all-time
byKevin Anderson@anderskev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Go code review) align with the content: the skill is a checklist and references for reviewing .go files and go.mod. It requests no binaries, env vars, or installs, which is appropriate for an instruction-only reviewer.
Instruction Scope
Runtime instructions tell the agent to inspect go.mod and full Go source, run a defined checklist, and consult bundled reference docs — all appropriate. One ambiguous line says "Load beagle-go:review-verification-protocol before submitting findings"; this appears to reference an external protocol/skill or resource. That single instruction could cause the agent to call another skill or endpoint (which might have additional requirements), so verify what "beagle-go:review-verification-protocol" actually does before allowing autonomous invocation.
Install Mechanism
No install spec and no code files to execute; instruction-only skills have minimal disk footprint and low install risk.
Credentials
The skill requests no environment variables, credentials, or config paths — consistent with a static code-review checklist that operates on repository files.
Persistence & Privilege
always is false and the skill does not request persistent presence or system-wide changes. There is no evidence it modifies other skills or agent config.
Assessment
This skill is a local, instruction-only Go review checklist and appears coherent with its stated purpose. Before installing or giving it autonomous invocation: (1) confirm what "beagle-go:review-verification-protocol" refers to (another skill or network endpoint) — if it resolves to a different skill, review that skill's metadata and permissions; (2) be aware the skill will read repository files (go.mod and .go files) when invoked — don't enable it on repositories containing secrets you don't want scanned; (3) if you restrict autonomous actions, keep model-invocation disabled for this skill until you verify the referenced verification protocol. Benign ≠ harmless: review the environment the agent runs in (repo access, network access, other skills) before enabling broad, autonomous scans.Like a lobster shell, security has layers — review code before you run it.
latestvk97b1jmy4gthkxc8686ay4m37583cc0y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.