go-reviewer_skill

This skill reviews recent Go changes for idiomatic patterns, concurrency safety, error handling, and security, delivering actionable improvements.
  • JavaScript

0

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill itou-daiki/easy_stat_edu --skill go-reviewer

  • SKILL.md6.5 KB

Overview

This skill is an expert Go code reviewer focused on idiomatic Go, concurrency correctness, robust error handling, security, and performance. It is designed to run automatically against modified .go files and produce actionable, prioritized findings. Use this reviewer for every Go change to ensure code meets high standards expected at top Go shops.

How this skill works

The reviewer inspects only recently modified .go files by running git diff against '*.go' and then executes static tools like go vet and staticcheck when available. It performs targeted security checks (SQL/command/path injection, hardcoded secrets, insecure TLS, unsafe usage), enforces error-handling patterns, and validates concurrency usage (context propagation, goroutine lifecycle, races). Results are reported in a concise, actionable format with severity, file location, explanation, and a suggested fix or code example.

When to use it

  • On every pull request or code change that touches .go files
  • Before merging to protect production from security and concurrency regressions
  • During CI as an automated gate to run go vet, staticcheck, and race builds
  • When introducing new database, exec, or file-path handling code
  • When adding background processing, goroutines, or shared mutable state

Best practices

  • Fail fast: prefer early returns and clear error wrapping using fmt.Errorf("...: %w", err)
  • Propagate context.Context as the first parameter for cancellable operations
  • Avoid package-level mutable state; prefer passing dependencies via interfaces
  • Use parameterized queries for database access and avoid string concatenation for SQL
  • Use defer mu.Unlock() immediately after locking and ensure goroutines honor ctx.Done() for cancellation

Example use cases

  • Reviewing new handlers that build SQL queries to catch injection and N+1 patterns
  • Auditing background workers to detect goroutine leaks, missing WaitGroup, or unpropagated contexts
  • Checking error handling additions to ensure errors are not ignored and are wrapped with context
  • Catching insecure defaults like InsecureSkipVerify, hardcoded secrets, or use of weak hash algorithms
  • Validating performance hotspots: unnecessary allocations, inefficient string building, and slice pre-allocation opportunities

FAQ

It focuses on modified .go files discovered via git diff -- '*.go', plus it can run project-wide static checks for broader context.

What blocks approval vs warns?

Findings classified CRITICAL or HIGH block approval. Only MEDIUM issues permit a warning state and can be merged with caution.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational