from skillshub46
Guidelines and CLI recipes for safely adding, upgrading, auditing and managing Go dependencies, including govulncheck, go.mod practices, vendoring, and automate
Provides a comprehensive stewardship skill for Go dependency management: rules, commands, and best practices for adding/removing/upgrading modules, auditing for vulnerabilities, vendor management, and tooling flows for CI and local development. Covers go.mod/go.sum hygiene, govulncheck usage, versioning (MVS), and automation with Dependabot/Renovate.
Use this skill when an agent or developer is about to add a dependency, upgrade packages, audit for vulnerabilities before release, analyze binary size by dependency, or set up automated dependency update tooling. It enforces an 'ask before add' rule and provides step-by-step CLI examples.
references/go mod tidy, go get variants for adding/upgrading/removing, govulncheck ./..., go mod graph, vendoring guidance, and patterns like tools.go. Also includes cross-references to related skills for CI and security.Designed for coding assistants and agents that can run shell commands and work with Go tooling (go, govulncheck).
A well-structured Go dependency management skill covering go.mod practices, upgrading, removing, and auditing dependencies. No bundled scripts — purely a reference/guideline SKILL.md. Comprehensive coverage with deep-dive references and cross-links to related skills in the same suite. Clean security posture with emphasis on vulnerability scanning and checksum verification.
Part of the samber/cc-skills-golang suite. High-quality reference skill with no executable scripts. Security score high due to no scripts, no network calls, no credentials — just instructional content that actively promotes secure practices.
