Zero-tolerance
for Go Panics.

We brought Rust's compilation rigor to the Go ecosystem. GoGuard mathematically proves your data flow is secure, catching nil dereferences, race conditions, and ignoring errors before runtime. Designed via MCP to give your AI Agents absolute certainty.

Explore Features View on GitHub
Fast <200ms Diff checks | Zero-copy FlatBuffers IPC
6
Analysis Passes
100%
Offline & Secure
<200ms
Diff Analysis
Zero
False Positives Goal

What's Inside

Six Core Analyzers.

Powered by pure Go dataflow extraction natively integrated with a blazingly fast Rust engine.

Nil Safety

Mathematical lattice-based forward dataflow analysis to guarantee you never hit a nil-pointer dereference in production.

NIL001NIL002NIL003

Error Handling

Strictly validates that any returned error is not silently swallowed or ignored with blank identifiers.

ERR001ERR002

Concurrency

Detects shared mutable access running without synchronization, goroutine leaks, and dead channel sends.

RACE001LEAK001CHAN001

Resource Ownership

Finite state machine tracking for critical resources. Guarantees files and sockets move safely from Opened to Closed.

OWN001OWN002

Exhaustiveness

Validates interface implementations and enum switches to ensure every path is properly managed.

EXH001EXH002

Taint Analysis

Forward taint propagation tracking inputs from unverified sources to dangerous sinks, preventing SQLi and XSS.

TAINT001TAINT002

Architecture

The Fat Bridge

GoGuard utilizes a hybrid architecture: go/types parses your code safely, Rust analyzes it with extreme speed via FlatBuffers IPC.

Go Compiler Frontend

goguard-go-bridge parses the AST and builds a fully typed SSA Control Flow Graph.

FlatBuffers IPC

Zero-copy serialization transfers the AST to Rust in sub-milliseconds over Unix Sockets.

Rust Core & MCP Engine

Salsa-backed incremental graph analysis produces machine-readable diagnostics for your favorite AI Agent. 

# Check your project for safety
$ goguard check ./...

# Output (142ms):
[CRITICAL] NIL001: nil pointer dereference
  --> handler.go:18:22
   |
15 |     if err != nil {
16 |         log.Printf("error: %v", err)
17 |         // missing return
   |
18 |     fmt.Println(user.Name) // user may be nil here

Ready to ship safer code?

Built by Engineers,
for Engineers.

NexStat Project

Proudly created & maintained by the NexStat systems architecture team.

Learn Go

Looking to master Go? Join our interactive learning platform at Devera.one.