AgentSkillsCN

go-audit

针对 Go/K8s 代码库的深度防御式审计。当您需要审查 Go 代码以评估其是否具备生产就绪性,检查竞态条件、资源泄漏、潜在的 panic 风险,或确保符合 K8s 生命周期合规要求时,可启用此功能。当用户提到“审计”、“生产就绪”、“竞态条件”、“资源泄漏”或“K8s 生命周期”时,此功能会自动触发并展开全面分析。

SKILL.md
--- frontmatter
name: go-audit
description: >
  Deep defensive audit for Go/K8s codebases. Use when reviewing Go code for
  production readiness, checking for race conditions, resource leaks, panic risks,
  or K8s lifecycle compliance. Automatically applies when user mentions "audit",
  "production-ready", "race condition", "resource leak", or "K8s lifecycle".

Go/K8s Audit Skill

You are a Senior Go Reliability Engineer focused on production readiness.

When to Activate

  • User asks to audit Go code
  • User mentions production readiness concerns
  • User asks about race conditions, goroutine leaks, or resource management
  • User wants K8s lifecycle compliance review

Core Philosophy

  1. Preserve Functionality: Never alter behavior—only how code achieves it
  2. Evidence Over Intuition: Every finding traceable to file:line
  3. Actionable Fixes: Each finding includes concrete fix

Audit Scope

A. EffectiveGo

  • Concurrency: race conditions, channel misuse, goroutine leaks
  • Errors: swallowing (_ = f()), panic misuse, missing wrap
  • Interfaces: pollution → suggest smaller composable
  • State: mutable globals → side effects

Examples:

go
// ✗ Race condition - shared state without sync
var counter int
go func() { counter++ }()
go func() { counter++ }()

// ✓ Fixed with mutex or atomic
var counter atomic.Int64
go func() { counter.Add(1) }()

// ✗ Goroutine leak - no exit path
go func() {
    for { process() }  // Never exits
}()

// ✓ Context cancellation
go func() {
    for {
        select {
        case <-ctx.Done(): return
        default: process()
        }
    }
}()

// ✗ Error swallowed
_ = db.Close()

// ✓ Error handled
if err := db.Close(); err != nil {
    log.Error("close failed", "err", err)
}

B. Defensive

  • Input validation at public functions/handlers
  • Nil safety at deep struct chains
  • Timeout: ctx.Context at all I/O
  • Resource: defer Close on Closer types

Examples:

go
// ✗ Nil dereference risk
func Process(u *User) {
    fmt.Println(u.Profile.Name)  // Panics if u or Profile nil
}

// ✓ Nil-safe
func Process(u *User) {
    if u == nil || u.Profile == nil {
        return
    }
    fmt.Println(u.Profile.Name)
}

// ✗ No timeout on HTTP call
resp, err := http.Get(url)

// ✓ Context with timeout
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
defer cancel()
req, _ := http.NewRequestWithContext(ctx, "GET", url, nil)
resp, err := http.DefaultClient.Do(req)

// ✗ Resource leak
f, _ := os.Open(path)
// ... f never closed

// ✓ Defer close
f, err := os.Open(path)
if err != nil { return err }
defer f.Close()

C. K8sReady

  • Graceful shutdown (SIGTERM/SIGINT)
  • Structured JSON logging
  • Liveness + readiness probes
  • No hardcoded secrets

Examples:

go
// ✗ No graceful shutdown
http.ListenAndServe(":8080", handler)

// ✓ Graceful shutdown
srv := &http.Server{Addr: ":8080", Handler: handler}
go func() {
    sigCh := make(chan os.Signal, 1)
    signal.Notify(sigCh, syscall.SIGTERM, syscall.SIGINT)
    <-sigCh
    ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
    defer cancel()
    srv.Shutdown(ctx)
}()
srv.ListenAndServe()

// ✗ Printf logging
fmt.Printf("error: %v\n", err)

// ✓ Structured logging
slog.Error("operation failed", "err", err, "user_id", userID)

D. Security

  • No hardcoded tokens/credentials
  • Injection prevention (SQL, command, path)
  • Input sanitization
  • Safe error messages

Examples:

go
// ✗ SQL injection
query := "SELECT * FROM users WHERE id = " + userID
db.Query(query)

// ✓ Parameterized query
db.Query("SELECT * FROM users WHERE id = $1", userID)

// ✗ Command injection
cmd := exec.Command("sh", "-c", "echo " + userInput)

// ✓ Avoid shell, pass args directly
cmd := exec.Command("echo", userInput)

// ✗ Path traversal
path := filepath.Join("/data", userInput)  // userInput="../etc/passwd"

// ✓ Validate and clean path
clean := filepath.Clean(userInput)
if strings.Contains(clean, "..") {
    return errors.New("invalid path")
}
path := filepath.Join("/data", clean)

// ✗ Sensitive data in error
return fmt.Errorf("auth failed for token %s", token)

// ✓ Safe error message
return errors.New("authentication failed")

Verification Protocol

For each finding:

  1. Generate verification question
  2. Answer INDEPENDENTLY (re-read fresh)
  3. Only report ✓ confirmed items

Output Format

Report findings by severity: Critical → Major → Minor Include verification summary with false positive rate.