review-go

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Skill: Review Go

技能：Go代码审查

Purpose

用途

Review code in Go for language and runtime conventions only. Do not define scope (diff vs codebase) or perform security/architecture analysis; those are handled by scope and cognitive skills. Emit a findings list in the standard format for aggregation. Focus on concurrency and goroutine lifecycle, context usage, error handling, resource management, API stability, type and zero-value semantics, and testability.

仅审查Go代码是否符合语言与运行时约定。不要定义审查范围（差异对比vs整个代码库），也不要执行安全/架构分析，这些由范围类和认知类技能处理。输出标准格式的问题发现列表用于聚合。重点关注并发与goroutine生命周期、context使用、错误处理、资源管理、API稳定性、类型与零值语义，以及可测试性。

Core Objective

核心目标

Primary Goal: Produce a Go language/runtime findings list covering concurrency, context usage, error handling, resource management, API stability, type semantics, and testability for the given code scope.

Success Criteria (ALL must be met):

✅ Go-only scope: Only Go language and runtime conventions are reviewed; no scope selection, security, or architecture analysis performed
✅ All seven Go dimensions covered: Concurrency/goroutine lifecycle, context usage, error handling, resource management, API stability, type/zero-value semantics, and testability are assessed where relevant
✅ Findings format compliant: Each finding includes Location, Category (
```
language-go
```
), Severity, Title, Description, and optional Suggestion
✅ File:line references: All findings reference specific file locations with line numbers
✅ Non-Go code excluded: Non-Go files are not analyzed for Go-specific rules unless explicitly in scope

Acceptance Test: Does the output contain a Go-focused findings list with file:line references covering all relevant language/runtime dimensions without performing security, architecture, or scope analysis?

首要目标：针对给定代码范围，输出覆盖并发、context使用、错误处理、资源管理、API稳定性、类型语义和可测试性的Go语言/运行时问题发现列表。

成功标准（必须全部满足）：

✅ 仅覆盖Go范围：仅审查Go语言和运行时约定，不做范围选择、安全或架构分析
✅ 覆盖全部7个Go维度：在相关场景下评估并发/goroutine生命周期、context使用、错误处理、资源管理、API稳定性、类型/零值语义和可测试性
✅ 符合问题发现格式要求：每个发现项包含位置、分类（
```
language-go
```
）、严重程度、标题、描述和可选建议
✅ 包含文件:行号引用：所有发现项都标注具体的文件位置和行号
✅ 排除非Go代码：除非明确在范围内，否则不对非Go文件执行Go专属规则分析

验收测试：输出是否包含聚焦Go的问题发现列表，带有文件:行号引用，覆盖所有相关语言/运行时维度，且未执行安全、架构或范围分析？

Scope Boundaries

范围边界

This skill handles:

Goroutine lifecycle and leak prevention (channel closing, cancellation, WaitGroup)
Context propagation through request paths
Error handling (wrapping with
```
%w
```
,
```
errors.Is/As
```
, avoiding panic for expected errors)
Resource management (defer Close(), resp.Body.Close(), context cancel())
API stability and Go modules (exported types, backward compatibility, go.mod)
Type and zero-value semantics (nil interface vs typed nil, pointer/value receiver, slice/map initialization)
Testability (small interfaces, injection over globals, deterministic test seams)

This skill does NOT handle:

Scope selection — scope is provided by the caller
Security analysis — use
```
review-security
```
Architecture analysis — use
```
review-architecture
```
SQL-specific analysis — use
```
review-sql
```
Full orchestrated review — use
```
review-code
```

Handoff point: When all Go findings are emitted, hand off to

review-code

for aggregation. For SQL or security issues, note them and suggest the appropriate cognitive skill.

本技能负责：

Goroutine生命周期与泄漏预防（通道关闭、取消、WaitGroup）
请求链路的Context传递
错误处理（使用
```
%w
```
包装、
```
errors.Is/As
```
、避免对预期错误抛出panic）
资源管理（defer Close()、resp.Body.Close()、context cancel()）
API稳定性与Go modules（导出类型、向后兼容性、go.mod）
类型与零值语义（nil接口vs typed nil、指针/值接收者、切片/映射初始化）
可测试性（小接口、依赖注入优于全局变量、确定性测试接缝）

本技能不负责：

范围选择 —— 范围由调用方提供
安全分析 —— 使用
```
review-security
```
架构分析 —— 使用
```
review-architecture
```
SQL专属分析 —— 使用
```
review-sql
```
全流程编排审查 —— 使用
```
review-code
```

交接点：输出所有Go相关发现后，交接给

review-code

做聚合。如果发现SQL或安全问题，标注问题并建议使用对应的认知类技能。

Use Cases

使用场景

Orchestrated review: Used as the language step when review-code runs scope -> language -> framework -> library -> cognitive for Go projects.
Go-only review: When the user wants only language/runtime conventions checked (e.g. after adding a new Go file).
Pre-PR Go checklist: Ensure concurrency, context, and error handling patterns are correct.

When to use: When the code under review is Go and the task includes language/runtime quality. Scope (diff vs paths) is determined by the caller or user.

编排式审查：当review-code对Go项目执行「范围→语言→框架→库→认知」全流程审查时，作为语言检查步骤使用
Go专属审查：用户仅需要检查语言/运行时约定时使用（比如新增Go文件后）
PR前Go检查清单：确保并发、context和错误处理模式正确

适用时机：待审查代码为Go，且任务包含语言/运行时质量检查时使用。审查范围（差异vs路径）由调用方或用户确定。

Behavior

行为规范

Scope of this skill

技能范围

Analyze: Go language and runtime conventions in the given code scope (files or diff provided by the caller). Do not decide scope; accept the code range as input.
Do not: Perform scope selection (diff vs codebase), security review, or architecture review; do not review non-Go files for Go-specific rules unless explicitly in scope.

分析内容：给定代码范围（调用方提供的文件或差异）中的Go语言和运行时约定。不要自行决定范围，接受传入的代码范围作为输入。
禁止行为：执行范围选择（差异vs代码库）、安全审查、架构审查；除非明确在范围内，否则不对非Go文件执行Go专属规则审查。

Review checklist (Go dimension only)

审查清单（仅Go维度）

Concurrency and goroutine lifecycle: Proper use of goroutines, channels, sync primitives, WaitGroup usage, channel closing, select patterns, and avoidance of goroutine leaks or data races.
Context usage: Context passed through request paths, cancellation and deadlines respected, avoid context.Background() in request handlers, and no storing context in long-lived structs.
Error handling: Errors checked and returned; wrapping with
```
%w
```
; use of
```
errors.Is/As
```
; avoid panic for expected errors; avoid error shadowing.
Resource management:
```
defer Close()
```
for io.Closer,
```
resp.Body.Close()
```
on HTTP responses,
```
Stop()
```
for Timer/Ticker, and
```
cancel()
```
for contexts.
API stability and modules: Stability of exported APIs, changes to exported types and interfaces, backward compatibility, and Go version/module expectations (go.mod, build tags).
Type and zero-value semantics: Nil interface vs typed nil pitfalls, pointer vs value receivers, map/slice initialization, copying and aliasing of slices, and zero-value correctness.
Testability and interfaces: Prefer small interfaces, injection over globals, and seams for deterministic tests.

并发与goroutine生命周期：正确使用goroutine、通道、同步原语、WaitGroup、通道关闭、select模式，避免goroutine泄漏或数据竞争。
Context使用：请求链路传递context，遵守取消和超时规则，避免在请求处理函数中使用context.Background()，不要将context存储在长生命周期结构体中。
错误处理：检查并返回错误；使用
```
%w
```
包装；使用
```
errors.Is/As
```
；避免对预期错误抛出panic；避免错误变量遮蔽。
资源管理：对io.Closer使用
```
defer Close()
```
，HTTP响应调用
```
resp.Body.Close()
```
，Timer/Ticker调用
```
Stop()
```
，context调用
```
cancel()
```
。
API稳定性与模块：导出API的稳定性、导出类型和接口的变更、向后兼容性、Go版本/模块要求（go.mod、构建标签）。
类型与零值语义：nil接口vs typed nil陷阱、指针vs值接收者、映射/切片初始化、切片的拷贝与别名、零值正确性。
可测试性与接口：优先使用小接口、依赖注入优于全局变量、提供确定性测试的接缝。

Tone and references

语气与引用规范

Professional and technical: Reference specific locations (file:line). Emit findings with Location, Category, Severity, Title, Description, Suggestion.

专业且技术导向：引用具体位置（文件:行号）。输出的发现项包含位置、分类、严重程度、标题、描述、建议。

Input & Output

输入与输出

Input

输入

Code scope: Files or directories (or diff) already selected by the user or by the scope skill. This skill does not decide scope; it reviews the provided Go code for language conventions only.

代码范围：已由用户或范围类技能选择的文件、目录（或差异）。本技能不决定范围，仅审查提供的Go代码是否符合语言约定。

Output

输出

Emit zero or more findings in the format defined in Appendix: Output contract.
Category for this skill is language-go.

输出0条或多条符合附录：输出约定格式的发现项。
本技能的分类为language-go。

Restrictions

限制规则

Hard Boundaries

严格边界

Do not perform security, architecture, or scope selection. Stay within Go language and runtime conventions.
Do not give conclusions without specific locations or actionable suggestions.
Do not review non-Go code for Go-specific rules unless the user explicitly includes it (e.g. embedded code snippets).

禁止执行安全、架构或范围选择。仅聚焦Go语言和运行时约定。
禁止在没有具体位置或可落地建议的情况下给出结论。
禁止对非Go代码执行Go专属规则审查，除非用户明确包含（比如嵌入式代码片段）。

Skill Boundaries

技能边界

Do NOT do these (other skills handle them):

Do NOT select or define the code scope — scope is determined by the caller or
```
review-code
```
Do NOT perform security analysis — use
```
review-security
```
Do NOT perform architecture analysis — use
```
review-architecture
```
Do NOT perform comprehensive SQL analysis — use
```
review-sql
```

When to stop and hand off:

When all Go findings are emitted, hand off to
```
review-code
```
for aggregation
When the user needs a full review (scope + language + cognitive), redirect to
```
review-code
```
When SQL or security issues are found, note them and suggest appropriate cognitive skills

禁止执行以下操作（由其他技能负责）：

不要选择或定义代码范围 —— 范围由调用方或
```
review-code
```
决定
不要执行安全分析 —— 使用
```
review-security
```
不要执行架构分析 —— 使用
```
review-architecture
```
不要执行全面SQL分析 —— 使用
```
review-sql
```

停止与交接时机：

输出所有Go相关发现后，交接给
```
review-code
```
做聚合
用户需要全流程审查（范围+语言+认知）时，重定向到
```
review-code
```
发现SQL或安全问题时，标注问题并建议使用对应的认知类技能

Self-Check

自检清单

Core Success Criteria

核心成功标准

Go-only scope: Only Go language and runtime conventions are reviewed; no scope selection, security, or architecture analysis performed
All seven Go dimensions covered: Concurrency/goroutine lifecycle, context usage, error handling, resource management, API stability, type/zero-value semantics, and testability are assessed where relevant
Findings format compliant: Each finding includes Location, Category (
```
language-go
```
), Severity, Title, Description, and optional Suggestion
File:line references: All findings reference specific file locations with line numbers
Non-Go code excluded: Non-Go files are not analyzed for Go-specific rules unless explicitly in scope

仅覆盖Go范围：仅审查Go语言和运行时约定，未做范围选择、安全或架构分析
覆盖全部7个Go维度：在相关场景下评估并发/goroutine生命周期、context使用、错误处理、资源管理、API稳定性、类型/零值语义和可测试性
符合问题发现格式要求：每个发现项包含位置、分类（
```
language-go
```
）、严重程度、标题、描述和可选建议
包含文件:行号引用：所有发现项都标注具体的文件位置和行号
排除非Go代码：除非明确在范围内，否则不对非Go文件执行Go专属规则分析

Process Quality Checks

流程质量检查

Was only the Go language/runtime dimension reviewed (no scope/security/architecture)?
Are concurrency, context usage, error handling, resource management, API stability, type semantics, and testability covered where relevant?
Is each finding emitted with Location, Category=language-go, Severity, Title, Description, and optional Suggestion?
Are issues referenced with file:line?

是否仅审查了Go语言/运行时维度（无范围/安全/架构分析）？
相关场景下是否覆盖了并发、context使用、错误处理、资源管理、API稳定性、类型语义和可测试性？
每个发现项是否都包含位置、分类=language-go、严重程度、标题、描述和可选建议？
问题是否都标注了文件:行号？

Acceptance Test

验收测试

Does the output contain a Go-focused findings list with file:line references covering all relevant language/runtime dimensions without performing security, architecture, or scope analysis?

输出是否包含聚焦Go的问题发现列表，带有文件:行号引用，覆盖所有相关语言/运行时维度，且未执行安全、架构或范围分析？

Examples

示例

Example 1: Goroutine leak

示例1：Goroutine泄漏

Input: Goroutine started in a request handler that waits on a channel that is never closed or canceled.
Expected: Emit a finding for goroutine leak and missing cancellation; reference the handler and channel usage. Category = language-go.

输入：请求处理函数中启动的goroutine等待一个永远不会关闭或取消的通道。
预期输出：输出goroutine泄漏和缺少取消机制的发现项；引用处理函数和通道使用位置。分类=language-go。

Example 2: Error handling

示例2：错误处理

Input: Function returns
```
fmt.Errorf("failed: %v", err)
```
and the caller compares errors with
```
==
```
.
Expected: Emit a finding to wrap with
```
%w
```
and use
```
errors.Is/As
```
; reference the error construction and comparison. Category = language-go.

输入：函数返回
```
fmt.Errorf("failed: %v", err)
```
，调用方使用
```
==
```
比较错误。
预期输出：输出建议使用
```
%w
```
包装错误并使用
```
errors.Is/As
```
比较的发现项；引用错误构造和比较位置。分类=language-go。

Example 3: Nil interface pitfall

示例3：Nil接口陷阱

Input: Function returns
```
(*MyStruct)(nil)
```
as an
```
error
```
interface; caller checks
```
if err != nil
```
.
Expected: Emit a finding that a typed nil assigned to an interface is not nil; suggest returning an explicit
```
nil
```
instead. Category = language-go.

输入：函数返回
```
(*MyStruct)(nil)
```
作为
```
error
```
接口；调用方使用
```
if err != nil
```
判断。
预期输出：输出赋值给接口的typed nil不等于nil的发现项；建议返回显式
```
nil
```
。分类=language-go。

Edge case: Mixed Go and SQL

边界情况：Go与SQL混合

Input: Go file with embedded SQL strings for database queries.
Expected: Review only Go conventions (context usage, error handling, resource cleanup). Do not emit SQL-injection findings; that is for review-security or review-sql.

输入：Go文件中包含嵌入式SQL查询字符串。
预期输出：仅审查Go约定（context使用、错误处理、资源清理）。不要输出SQL注入相关发现；这类问题属于review-security或review-sql的职责。

Appendix: Output contract

附录：输出约定

Each finding MUST follow the standard findings format:

Element	Requirement
Location	`path/to/file.ext` (optional line or range).
Category	`language-go` .
Severity	`critical` \| `major` \| `minor` \| `suggestion` .
Title	Short one-line summary.
Description	1-3 sentences.
Suggestion	Concrete fix or improvement (optional).

Example:

markdown

- **Location**: `internal/worker/pool.go:87`
- **Category**: language-go
- **Severity**: major
- **Title**: Goroutine leak due to missing cancellation
- **Description**: The goroutine blocks on a channel that is never closed or canceled, so it will leak per request.
- **Suggestion**: Pass a context and exit on cancellation, or close the channel when the work is done.

每个发现项必须遵循标准格式：

元素	要求
位置	`path/to/file.ext` （可选行号或范围）。
分类	`language-go` 。
严重程度	`critical` \| `major` \| `minor` \| `suggestion` 。
标题	简短的单行摘要。
描述	1-3句话说明。
建议	具体的修复或优化方案（可选）。

示例：

markdown

- **Location**: `internal/worker/pool.go:87`
- **Category**: language-go
- **Severity**: major
- **Title**: Goroutine leak due to missing cancellation
- **Description**: The goroutine blocks on a channel that is never closed or canceled, so it will leak per request.
- **Suggestion**: Pass a context and exit on cancellation, or close the channel when the work is done.