by 安全扫描
OpenClaw
安全
high confidenceNULL
评估建议
This skill is an instruction-only guide for structuring Go projects and appears internally consistent and low-risk. Before invoking it, understand that the agent may suggest or run repository-oriented commands (go mod init, gofmt, git operations, linter runs). If you allow the agent to execute commands, review proposed commands before permitting any write or git operations. Also follow the skill's own guidance: do not commit secrets to config files — keep sensitive values in environment variable...详细分析 ▾
✓ 用途与能力
Name and description match the contents: the skill is a guide for Go project layouts and only requires the 'go' binary and common dev tools (gofmt, git, golangci-lint). There are no environment variables, credentials, or unrelated binaries requested.
✓ 指令范围
SKILL.md instructs asking the developer about architecture/DI, running benign commands (e.g., `go version`, `go mod init`, `gofmt`), and creating standard project files. It does not instruct reading unrelated system files, exfiltrating secrets, or calling external endpoints beyond normal repository naming conventions.
✓ 安装机制
No install spec and no code to execute or download. The skill is instruction-only, so nothing will be written to disk by an installer step.
✓ 凭证需求
The skill requests no environment variables or credentials (primary credential: none). The guidance explicitly recommends sensitive values come from env vars or secret managers rather than committed configs.
✓ 持久化与权限
always is false and the skill does not request persistent presence or modify other skills or system-wide settings. It allows running common dev tools (bash with go/golangci-lint/git) which is reasonable for a project scaffolding/organization skill.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.1.32026/3/24
NULL
● 无害
安装命令
点击复制官方npx clawhub@latest install golang-project-layout
镜像加速npx clawhub@latest install golang-project-layout --registry https://cn.longxiaskill.com镜像同步中