Golang Graphql
PassAudited by ClawScan on May 2, 2026.
Overview
This is a coherent instruction-only Go GraphQL coding skill, with normal code-editing and tool-use capabilities that users should still review when applied to a repository.
This skill appears safe for normal Go GraphQL development. Before installing, be aware that it can guide the agent to edit code, run Go/git/curl commands, consult external documentation, and use sub-agents to scan your repository. Review generated code, approve commands carefully, and pin external Go tooling versions where practical.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may modify project files and run development commands while helping implement GraphQL APIs.
The skill allows repository file edits and broad Go/git/curl command usage. This is expected for a Go coding skill, but it gives the agent meaningful ability to change code and run commands.
allowed-tools: Read Edit Write Glob Grep Bash(go:*) Bash(golangci-lint:*) Bash(git:*) Agent WebFetch mcp__context7__resolve-library-id mcp__context7__query-docs Bash(curl:*)
Review diffs and command approvals, especially for git and curl commands, before accepting changes.
A helper agent may read and scan repository files to support implementation or review.
The skill explicitly directs use of background/sub-agents for parallel code scanning. The stated behavior is task-scoped and not persistent, but users should know additional agents may inspect the codebase.
launch a background agent to grep for existing resolver patterns ... use a sub-agent to scan for N+1 resolver patterns
Keep agent activity limited to the intended repository and review any findings or edits before applying them.
If the setup command is followed, the project may download and run external Go tooling.
The reference documentation includes user-directed `go run` examples that may download and execute the gqlgen tool. This is normal for gqlgen setup, but it is external code execution.
go run github.com/99designs/gqlgen init
Pin tool versions in `go.mod` or `tools.go`, review dependency provenance, and run setup commands only in the intended project environment.