Go Code Review
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only Go code review skill whose instructions are aligned with reviewing Go source code and do not add executable behavior or hidden access.
This skill is reasonable to install for Go code reviews. Expect it to read go.mod and surrounding Go source when reviewing changes. Also verify the separately referenced review-verification-protocol skill if it is present in your environment, because that outside file can influence the review process.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.