OpenClaw logo
OpenClaw Skills
skills$openclaw/go-security-vulnerability
irook6616.7k

by irook661

go-security-vulnerability – OpenClaw Skill

go-security-vulnerability is an OpenClaw Skills integration for security workflows. Identify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes.

6.7k stars7.0k forksSecurity L1
Updated Feb 7, 2026Created Feb 7, 2026security

Skill Snapshot

namego-security-vulnerability
descriptionIdentify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes. OpenClaw Skills integration.
ownerirook661
repositoryirook661/go-security-vulnerability
languageMarkdown
licenseMIT
topics
securityL1
installopenclaw add @irook661/go-security-vulnerability
last updatedFeb 7, 2026

Maintainer

irook661

irook661

Maintains go-security-vulnerability in the OpenClaw Skills directory.

View GitHub profile
File Explorer
2 files
.
_meta.json
304 B
SKILL.md
2.8 KB
SKILL.md

name: go-security-vulnerability description: "Identify, assess, and fix security vulnerabilities in Go modules using govulncheck. Handle common vulnerabilities like JWT issues and ensure application stability during fixes." metadata: { "openclaw": { "emoji": "🔒", "requires": { "bins": ["go"] }, "install": [ { "id": "golang", "kind": "script", "script": "curl -L https://golang.org/dl/go1.21.5.linux-amd64.tar.gz | tar -C /usr/local -xzf -", "bins": ["go"], "label": "Install Go", }, ], }, }

Go Security Vulnerability Skill

Use Go tooling to identify, assess, and fix security vulnerabilities in Go modules. This skill helps detect and remediate vulnerabilities while maintaining application functionality.

Vulnerability Detection

Scan for vulnerabilities in your Go project:

go install golang.org/x/vuln/cmd/govulncheck@latest
govulncheck ./...

Check specific modules for known vulnerabilities:

govulncheck -show verbose ./...

Assessment Process

  1. Identify Affected Packages: Determine which dependencies contain vulnerabilities
  2. Check Severity: Review the CVE details and potential impact
  3. Verify Usage: Confirm if the vulnerable functions are actually used in your code
  4. Plan Remediation: Choose the appropriate fix strategy

Common Fix Strategies

Direct Dependency Update

Update vulnerable packages to secure versions:

go get -u vulnerable/package@latest
go mod tidy

Transitive Dependency Handling

For vulnerabilities in transitive dependencies:

go mod why vulnerable/package  # Understand why it's included
go mod edit -replace vulnerable/package=newer-version  # Replace if needed
go mod tidy

Removal Strategy

If a dependency is unused or can be replaced:

  1. Remove direct imports of the vulnerable code
  2. Run go mod tidy to clean up unused dependencies
  3. Verify application functionality remains intact

Verification Steps

After applying fixes:

# Verify no vulnerabilities remain
govulncheck ./...

# Ensure application still builds
go build ./...

# Run tests to verify functionality
go test ./...

Common Vulnerabilities

JWT Libraries

  • Issue: github.com/golang-jwt/jwt GO-2025-3553 (excessive memory allocation)
  • Fix: Update to newer version or switch to golang.org/x/oauth2 alternatives

Standard Library Updates

  • Keep Go version updated for security patches
  • Run go vuln to check for stdlib vulnerabilities

Best Practices

  • Regularly scan dependencies with govulncheck
  • Keep dependencies updated with go get -u
  • Use go mod tidy to remove unused dependencies
  • Test thoroughly after vulnerability fixes
  • Monitor for new vulnerabilities with automated tools
README.md

No README available.

Permissions & Security

Security level L1: Low-risk skills with minimal permissions. Review inputs and outputs before running in production.

Requirements

  • OpenClaw CLI installed and configured.
  • Language: Markdown
  • License: MIT
  • Topics:

FAQ

How do I install go-security-vulnerability?

Run openclaw add @irook661/go-security-vulnerability in your terminal. This installs go-security-vulnerability into your OpenClaw Skills catalog.

Does this skill run locally or in the cloud?

OpenClaw Skills execute locally by default. Review the SKILL.md and permissions before running any skill.

Where can I verify the source code?

The source repository is available at https://github.com/openclaw/skills/tree/main/skills/irook661/go-security-vulnerability. Review commits and README documentation before installing.