This one covers the defensive patterns that aren't about error handling: copying slices and maps at API boundaries to prevent mutation bugs, using defer for cleanup, compile-time interface checks, and the small things like starting iota enums at 1 so zero means uninitialized. The checklist ordering is smart. It walks through API boundary hardening top to bottom, and the separation between crypto/rand for keys versus math/rand for non-security randomness is the kind of thing that causes real vulnerabilities when people get it wrong. The panic and recover guidance is stricter than most Go tutorials, insisting libraries never expose panics across package boundaries. Good complement to go-error-handling if you want the full defensive posture without overlap.
npx skills add https://github.com/cxuu/golang-skills --skill go-defensive
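Three of the patterns named above (copying slices at the API boundary, crypto/rand for secrets, and keeping panics inside the package), as an added example that is not taken from the go-defensive skill or from this page. The Store type and the SetHosts, Hosts, NewToken and HostAt names are hypothetical.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Store is a hypothetical allow-list holder used only for this example.
type Store struct{ hosts []string }

// SetHosts copies the caller's slice, so later writes by the caller
// cannot silently change the allow-list.
func (s *Store) SetHosts(h []string) { s.hosts = append([]string(nil), h...) }

// Hosts returns a copy, so callers cannot edit internal state.
func (s *Store) Hosts() []string { return append([]string(nil), s.hosts...) }

// NewToken draws n bytes from the OS CSPRNG via crypto/rand.
// math/rand output is predictable and must not be used for keys or tokens.
func NewToken(n int) (string, error) {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		return "", fmt.Errorf("read random bytes: %w", err)
	}
	return hex.EncodeToString(b), nil
}

// HostAt converts an internal panic (here an out-of-range index) into an
// error, so the panic never crosses the package boundary.
func (s *Store) HostAt(i int) (host string, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("internal error: %v", r)
		}
	}()
	return s.hosts[i], nil
}

func main() {
	s := &Store{}
	in := []string{"a.example"} // constructed sample input
	s.SetHosts(in)
	in[0] = "other.example" // caller mutates its own slice after the call
	tok, _ := NewToken(16)
	_, err := s.HostAt(5)
	fmt.Println(s.Hosts(), len(tok), err)
}
```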