Description
Go code can be scanned for security-sensitive patterns with a static analysis tool. It helps developers find risky data flow, unsafe calls, and issues that deserve review before release.
Static analysis is a review aid, not a guarantee of safety. Investigate findings, tune false positives, and combine it with tests, dependency review, and manual security checks.