Security defaults that belong in every Go HTTP server from day one — CORS, security headers, rate limiting, SQL injection prevention, input validation, secrets management, graceful shutdown, and request timeouts.
{
  "instruction": "Implement graceful shutdown that drains in-flight requests before stopping",
  "relevant_when": "Agent creates or modifies a Go HTTP server, sets up a Go API project, or configures server startup",
  "context": "Every Go HTTP server must handle SIGINT and SIGTERM signals for graceful shutdown. Use signal.Notify to catch signals, then call srv.Shutdown(ctx) with a timeout context to drain in-flight requests. Never use log.Fatal(http.ListenAndServe()) as the only server startup pattern -- it drops all connections on Ctrl+C or container termination.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/go-security-basics/SKILL.md",
      "tile": "tessl-labs/go-security-basics@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "signal-handling",
      "rule": "Agent uses signal.Notify to listen for SIGINT and SIGTERM signals instead of relying on log.Fatal(http.ListenAndServe())",
      "relevant_when": "Agent creates or modifies a Go HTTP server"
    },
    {
      "name": "graceful-shutdown",
      "rule": "Agent calls srv.Shutdown(ctx) with a timeout context (e.g., 10 seconds) to drain in-flight requests before stopping the server",
      "relevant_when": "Agent creates or modifies a Go HTTP server"
    }
  ]
}