golang-security

Security best practices and vulnerability prevention for Golang. Covers injection (SQL, command, XSS), cryptography, filesystem safety, network security, cookies, secrets management, memory safety, and logging. Apply when writing, reviewing, or auditing Go code for security, or when working on any risky code involving crypto, I/O, secrets management, user input handling, or authentication. Includes configuration of security tools.

87

1.35x
Quality: 85% (Does it follow best practices?)

Impact: 95%, 1.35x (Average score across 3 eval scenarios)

Security by Snyk: Passed. No known issues.

Evaluation results

90%

User Management Search API

Safe dynamic SQL construction

| Criteria | Without context | With context |
| --- | --- | --- |
| Parameterized name filter | 100% | 100% |
| Parameterized age filter | 100% | 100% |
| IN clause numbered placeholders | 100% | 100% |
| Role values passed as args | 100% | 100% |
| ORDER BY uses allowlist | 100% | 100% |
| No user column in SQL string | 100% | 100% |
| Safe default sort column | 100% | 100% |
| sqlx or pgx library used | 0% | 0% |
| Empty roles list handled | 100% | 100% |
| Sort order direction validated | 100% | 100% |

95%

45%

Security Assessment for Payment API Service

DREAD scoring security report

| Criteria | Without context | With context |
| --- | --- | --- |
| DREAD factors per finding | 0% | 100% |
| DREAD score formula | 0% | 100% |
| Severity classification | 60% | 100% |
| Hardcoded password identified | 100% | 100% |
| Hardcoded password severity | 100% | 100% |
| SQL finding not dismissed | 100% | 100% |
| SQL severity adjusted downward | 33% | 100% |
| PII in logs identified | 100% | 100% |
| Missing server timeouts identified | 0% | 100% |
| Inline comment recommended | 0% | 0% |

100%

30%

HTTP Server Foundation for B2B Analytics Platform

HTTP security middleware setup

| Criteria | Without context | With context |
| --- | --- | --- |
| Content-Security-Policy header | 100% | 100% |
| X-Frame-Options header | 100% | 100% |
| X-Content-Type-Options header | 100% | 100% |
| Strict-Transport-Security header | 100% | 100% |
| Referrer-Policy header | 100% | 100% |
| Permissions-Policy header | 0% | 100% |
| ReadTimeout configured | 0% | 100% |
| WriteTimeout configured | 0% | 100% |
| IdleTimeout configured | 0% | 100% |
| Per-client rate limiter | 100% | 100% |
| Client map mutex protection | 100% | 100% |
| golang.org/x/time/rate used | 100% | 100% |

Repository: samber/cc-skills-golang

Evaluated

Agent: Claude Code

Model: Claude Sonnet 4.6
