Can it help me manage API keys and credentials?

Absolutely. It promotes secure secrets management by providing patterns for environment variable usage and discouraging the use of hardcoded secrets.

What password hashing method does this skill recommend?

The skill implements bcrypt via the golang.org/x/crypto/bcrypt package, providing specific code snippets for both hashing and verifying passwords securely.

Is this skill based on industry standards?

Yes, all security best practices provided by this skill follow the OWASP (Open Web Application Security Project) guidelines for application security.

How does this skill help prevent SQL injection in Go?

It provides standardized patterns for using parameterized queries and named parameters instead of string formatting, ensuring user input is never executed as SQL commands.

Does this skill cover file system security?

Yes, it includes patterns for path validation and sanitization using filepath.Clean and prefix checking to prevent directory traversal attacks.

Go Secure Coding

Name: Go Secure Coding
Author: IvanTorresEdge

byIvanTorresEdge

보안 및 테스팅

Implements industry-standard security best practices and OWASP guidelines for Go applications to prevent common vulnerabilities.

소개

The Go Secure Coding skill provides specialized guidance for building robust, attack-resistant applications in Golang. It focuses on critical security patterns including input validation, parameterized SQL queries to prevent injection, and secure path handling to block traversal attacks. By providing clear implementation patterns for modern cryptography, bcrypt password hashing, and secure secrets management, this skill helps developers move beyond basic functionality to production-grade security. It is particularly useful during security audits or when building sensitive authentication and data-handling systems.

주요 기능

Secure password hashing implementations using bcrypt
Best practices for CORS configuration and secrets management
Path traversal and command injection protection patterns
0 GitHub stars
SQL injection prevention via parameterized and named queries
Cryptographically secure randomness with crypto/rand

사용 사례

Conducting security reviews of existing Go backend services
Implementing secure user authentication and credential storage
Developing public-facing APIs that require strict input validation

소개

주요 기능

Secure password hashing implementations using bcrypt
Best practices for CORS configuration and secrets management
Path traversal and command injection protection patterns
0 GitHub stars
SQL injection prevention via parameterized and named queries
Cryptographically secure randomness with crypto/rand

사용 사례

Conducting security reviews of existing Go backend services
Implementing secure user authentication and credential storage
Developing public-facing APIs that require strict input validation