Golang Project Layout

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a documentation-only Go project layout guide; its main noteworthy behavior is that it can direct an agent to edit project files and run Go-related commands.

This skill appears safe for Go layout guidance. Before installing, understand that it may help the agent edit your project and run Go-related commands; review planned changes and use version control for easy rollback.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI02: Tool Misuse and Exploitation

Low

What this means

The agent may create, edit, or reformat files in your Go project when following this skill.

Why it was flagged

The skill explicitly grants file-editing tools and Go/git/linter command execution, and its checklist includes commands that can create or rewrite project files. This is aligned with Go project setup, but users should notice that it can make real repository changes.

Skill content

allowed-tools: Read Edit Write Glob Grep Bash(go:*) Bash(golangci-lint:*) Bash(git:*) Agent AskUserQuestion ... Run `go mod init github.com/user/project-name` ... Run `gofmt -s -w .`

Recommendation

Use it in the intended repository, review the proposed structure and commands first, and keep changes under version control so they can be reverted.