fredrikaverpil/golang-style
stow/shared/.claude/skills/golang-style/SKILL.md
Use this skill BEFORE writing or editing any Go (.go) files. Triggers when about to create, modify, or add code to .go files. Enforces happy path coding, error wrapping, sentinel errors, godoc-style comments, and `go doc` usage.
$ install --global
skillsauthnpx skillsauth add fredrikaverpil/dotfiles golang-styleInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 4, 2026, 11:48 PM10.3s1 file scanned
SKILL.md
- name:
- golang-style
Go Coding Conventions
Proverbs
Try to follow the proverbs:
Go Proverbs Simple, Poetic, Pithy Don't communicate by sharing memory, share memory by communicating. Concurrency is not parallelism. Channels orchestrate; mutexes serialize. The bigger the interface, the weaker the abstraction. Make the zero value useful. interface{} says nothing. Gofmt's style is no one's favorite, yet gofmt is everyone's favorite. A little copying is better than a little dependency. Syscall must always be guarded with build tags. Cgo must always be guarded with build tags. Cgo is not Go. With the unsafe package there are no guarantees. Clear is better than clever. Reflection is never clear. Errors are values. Don't just check errors, handle them gracefully. Design the architecture, name the components, document the details. Documentation is for users. Don't panic.
Follow these conventions strictly when writing Go code.
Happy Path Coding
Structure code so the successful path flows straight down. Handle errors immediately, then continue with main logic.
// Correct: happy path flows down.
func ProcessUser(id string) (*User, error) {
user, err := db.GetUser(id)
if err != nil {
return nil, fmt.Errorf("get user %s: %w", id, err)
}
if err := user.Validate(); err != nil {
return nil, fmt.Errorf("validate user %s: %w", id, err)
}
return user, nil
}
// Wrong: main logic nested inside conditions.
func ProcessUser(id string) (*User, error) {
user, err := db.GetUser(id)
if err == nil {
if err := user.Validate(); err == nil {
return user, nil
} else {
return nil, err
}
}
return nil, err
}
Error Wrapping
Always wrap errors with context using %w. Include the operation and relevant
identifiers.
// Correct: wrapped with context.
if err != nil {
return fmt.Errorf("create order for customer %s: %w", customerID, err)
}
// Wrong: no context.
if err != nil {
return err
}
Sentinel Errors
Define package-level sentinel errors for expected error conditions. Use
errors.Is() to check.
// Define at package level.
var (
ErrNotFound = errors.New("not found")
ErrUnauthorized = errors.New("unauthorized")
ErrInvalidInput = errors.New("invalid input")
)
// Return sentinel errors.
func GetUser(id string) (*User, error) {
user := db.Find(id)
if user == nil {
return nil, ErrNotFound
}
return user, nil
}
// Check with errors.Is().
user, err := GetUser(id)
if errors.Is(err, ErrNotFound) {
// Handle not found case.
}
Comments
All comments end with a period.
// ProcessOrder handles order creation and validation.
func ProcessOrder(o *Order) error {
// Validate the order before processing.
if err := o.Validate(); err != nil {
return err
}
// Continue with order processing.
return nil
}
Naming Conventions
Never use Go's predeclared identifiers as variable or parameter names. These include built-in functions and constants that can be shadowed but should not be.
// Wrong: shadows built-in identifiers.
func process(new string, len int, make bool) error {
copy := "data"
return nil
}
// Correct: use descriptive names instead.
func process(name string, length int, shouldCreate bool) error {
dataCopy := "data"
return nil
}
Predeclared identifiers to avoid:
- Functions:
new,make,len,cap,append,copy,delete,close,panic,recover,print,println,complex,real,imag,clear,min,max - Constants:
true,false,iota,nil - Types:
error,bool,string,int,int8,int16,int32,int64,uint,uint8,uint16,uint32,uint64,uintptr,float32,float64,complex64,complex128,byte,rune,any,comparable
Line Length
Maximum line length is 120 characters. Break long lines at logical points.
// Correct: break at logical points.
func ProcessOrderWithValidation(
ctx context.Context,
order *Order,
validator OrderValidator,
) (*Result, error) {
return nil, fmt.Errorf(
"process order %s for customer %s: %w",
order.ID,
order.CustomerID,
err,
)
}
Documentation Lookup
Use go doc to look up standard library and package documentation:
go doc fmt.Errorf
go doc errors.Is
go doc context
Einride
If the project is under the Einride organization, always use the Makefiles in
the project which are generated by Sage (the .sage folder).
Related Skills
fredrikaverpil/aip
development
VerifiedTrustedCommunity
Google API Improvement Proposals (AIP) reference. Use BEFORE designing or reviewing APIs, protobuf definitions, or any work involving Google API design standards. Fetches relevant AIP rules from https://google.aip.dev for the task at hand.
222SKILL.mdUpdated Apr 16, 2026
fredrikaverpil/nvim-plugin
tools
VerifiedTrustedCommunity
Guide for writing Neovim plugins in Lua following official Neovim conventions (https://neovim.io/doc/user/lua-plugin/). Use this skill whenever the user is creating, modifying, or reviewing a Neovim plugin — including when they mention plugin structure, ftplugin, health checks, keymaps, setup() functions, vimdoc, LuaCATS annotations, or lazy loading in the context of Neovim plugin development. Also trigger when the user is working in a directory that looks like a Neovim plugin (contains plugin/, lua/, ftplugin/ subdirectories).
217SKILL.mdUpdated Apr 14, 2026
fredrikaverpil/nvim-config
tools
VerifiedTrustedCommunity
Native Neovim config idioms and conventions — use whenever writing, reviewing, or modifying any Neovim configuration that uses Neovim's built-in conventions WITHOUT a plugin manager framework (no lazy.nvim, packer, etc.). Covers directory structure, vim.pack plugin management, lsp/ auto-discovery, plugin/ loading order, keymaps, and standard paths. Trigger on any task involving init.lua, plugin/*.lua, lsp/*.lua, vim.pack.add(), vim.lsp.enable(), or "native neovim config" — even if the user just says "add a plugin" or "configure LSP" in a native-style config.
217SKILL.mdUpdated Apr 14, 2026
fredrikaverpil/codebase-audit
development
VerifiedTrustedCommunity
Analyze a git repo's history to surface high-churn files, ownership risks, bug hotspots, momentum trends, and firefighting patterns. Use this skill whenever the user wants to understand a codebase, assess repo health, or orient themselves before reading code — even if they don't explicitly say "audit".
217SKILL.mdUpdated Apr 14, 2026