golang-dependency-management
Provides dependency management strategies for Golang projects including go.mod management, installing/upgrading packages, semantic versioning, Minimal Version Selection, vulnerability scanning, outdated dependency tracking, dependency size analysis, automated updates with Dependabot/Renovate, conflict resolution, and dependency graph visualization. Use this skill whenever adding, removing, updating, or auditing Go dependencies, resolving version conflicts, setting up automated dependency updates, analyzing binary size, or working with go.work workspaces.
87
86%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that comprehensively lists specific capabilities, includes natural trigger terms Go developers would use, explicitly states both what the skill does and when to use it, and occupies a clear, distinct niche. The description is thorough without being padded, and uses proper third-person voice throughout.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description lists numerous specific concrete actions: go.mod management, installing/upgrading packages, semantic versioning, Minimal Version Selection, vulnerability scanning, outdated dependency tracking, dependency size analysis, automated updates with Dependabot/Renovate, conflict resolution, and dependency graph visualization. | 3 / 3 |
Completeness | Clearly answers both 'what' (dependency management strategies with a comprehensive list of capabilities) and 'when' (explicit 'Use this skill whenever...' clause covering adding, removing, updating, auditing dependencies, resolving conflicts, setting up automated updates, analyzing binary size, and working with go.work workspaces). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'Go dependencies', 'go.mod', 'version conflicts', 'Dependabot', 'Renovate', 'binary size', 'go.work', 'vulnerability scanning', 'upgrading packages'. These are terms Go developers would naturally use when seeking help. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche: Golang dependency management specifically. The mention of Go-specific concepts like go.mod, Minimal Version Selection, and go.work workspaces makes it very unlikely to conflict with other skills, even other Go-related skills that might focus on different aspects. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with strong actionability and excellent progressive disclosure. The main content provides concrete, executable commands and a useful quick reference. The primary weaknesses are some verbosity in explanatory sections (the persona, the go.sum rationale, vendoring justification) and the lack of explicit validation checkpoints in multi-step workflows like adding or upgrading dependencies.
Suggestions
Add explicit validation steps to the dependency addition/upgrade workflows (e.g., '1. go get pkg@version → 2. go mod tidy → 3. go build ./... to verify compilation → 4. go test ./... → 5. govulncheck ./...')
Trim the 'Ask Before Adding Dependencies' section — the bullet list of evaluation criteria and the explanation about AI agents suggesting bad packages could be condensed into a single directive with the checklist
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Generally efficient but includes some unnecessary explanation (e.g., explaining why go.sum must be committed in detail, the vendoring rationale paragraph, and the persona statement). The 'Ask Before Adding Dependencies' section has some verbosity that could be tightened. However, most content earns its place. | 2 / 3 |
Actionability | Provides fully executable commands throughout — adding, upgrading, removing dependencies, the tools.go pattern with complete code, and a comprehensive quick reference section with copy-paste ready commands. Every major operation has concrete bash or Go examples. | 3 / 3 |
Workflow Clarity | Key workflows are present (add → tidy → commit, remove → tidy) but lack explicit validation checkpoints and feedback loops. For example, the dependency addition workflow doesn't include a verify/test step, and there's no explicit 'if something goes wrong' recovery path. The 'go mod tidy before every commit' and 'govulncheck before every release' rules are stated but not integrated into a sequenced workflow with validation gates. | 2 / 3 |
Progressive Disclosure | Excellent structure with a clear overview in the main file and well-signaled one-level-deep references to six specific deep-dive files, each with a brief description of what they cover. Cross-references to related skills are also clearly listed. The main file stays focused on essentials while pointing to detailed materials. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
metadata_field | 'metadata' should map string keys to string values | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Repository
- samber/cc-skills-golang
- Commit
e9761db
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.