CARD · AUR

gosec

Inspects source code for security problems by scanning the Go AST

  • security-tool
  • CLI
  • Dev
  • SECURITY
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 31, 2026 · description in en

Description

gosec scans Go source code for common security mistakes before review or release. It is useful for developers who want static checks for risky patterns such as weak cryptography, unsafe file permissions, or suspicious subprocess use.

Static analysis finds indicators, not final proof of safety. Review findings manually and keep tests, dependency audits, and code review in the release process.

How to run

gosec

Commands: gosec

Permissions

Permissions not analysed for this source yet.