go-security-vulnerability
Identify, assess, and fix security.
Setup & Installation
Install command
clawhub install irook661/go-security-vulnerabilityIf the CLI is not installed:
Install command
npx clawhub@latest install irook661/go-security-vulnerabilityOr install with OpenClaw CLI:
Install command
openclaw skills install irook661/go-security-vulnerabilityor paste the repo link into your assistant's chat
Install command
https://github.com/openclaw/skills/tree/main/skills/irook661/go-security-vulnerabilityWhat This Skill Does
Scans Go modules for known security vulnerabilities using govulncheck, identifies affected dependencies, and guides remediation through updates, replacements, or removals. Covers both direct and transitive dependencies, with verification steps to confirm fixes without breaking builds.
govulncheck uses the Go vulnerability database and call graph analysis to report only vulnerabilities reachable in your code, reducing noise compared to generic dependency scanners.
When to Use It
- Auditing a Go project before a production release
- Fixing a flagged CVE in a transitive dependency
- Checking whether a vulnerable function is actually called in your code
- Updating JWT libraries after a security advisory
- Setting up a routine vulnerability scan in a Go monorepo
Example Workflow
Here's how your AI assistant might use this skill in practice.
User asks: Auditing a Go project before a production release
- 1Auditing a Go project before a production release
- 2Fixing a flagged CVE in a transitive dependency
- 3Checking whether a vulnerable function is actually called in your code
- 4Updating JWT libraries after a security advisory
- 5Setting up a routine vulnerability scan in a Go monorepo
Identify, assess, and fix security.
Security Audits
These signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.