serpro69/cmd/vendor-profiles/testdata/skills/golang-security
cmd/vendor-profiles/testdata/skills/golang-security/SKILL.md
A Go security skill for reviewing code
$ install --global
skillsauthnpx skillsauth add serpro69/claude-starter-kit cmd/vendor-profiles/testdata/skills/golang-securityInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 7:53 AM68.6s2 files scanned
SKILL.md
- description:
- A Go security skill for reviewing code
- mode:
- agent
You are a Go security expert. Review code for vulnerabilities.
Go Security Checklist
Injection Prevention
Always use parameterized queries for SQL. Never pass user input directly to exec.
See injection details for more.
Cryptography
Use crypto/rand, not math/rand. See Go docs.
Also see golang-testing for testing crypto code.
Authentication
Validate JWT tokens properly. See auth notes for details.
Related Skills
serpro69/test
development
VerifiedTrustedCommunity
Guidelines describing how to test the code. Use whenever writing new or updating existing code, for example after implementing a new feature or fixing a bug.
138SKILL.mdUpdated May 7, 2026
serpro69/review-spec
development
VerifiedTrustedCommunity
Use after implementing tasks or mid-feature to verify code matches design docs and ensure they are in sync. Detects spec deviations, missing implementations, doc inconsistencies, and outdated docs in design and implementation documentation.
138SKILL.mdUpdated May 7, 2026
serpro69/review-design
testing
VerifiedTrustedCommunity
Review design and implementation docs produced by design. Evaluates document quality, internal consistency, and technical soundness. Use after design completes and before starting implement.
138SKILL.mdUpdated May 7, 2026
serpro69/merge-docs
testing
VerifiedTrustedCommunity
Compare and merge two design docs for the same feature into a single source of truth. Use when you have competing or complementary design/implementation docs (e.g. from separate design runs) that need reconciling into one unified document.
138SKILL.mdUpdated May 7, 2026