[scaryclam]

I like the look of this, so on the software side it's a thumbs up.

However, the fact that the code is active at all will rule it out for some companies (firewall or not).

Perhaps make it something users can turn off in a config file? Not everyone can code in go, especially if their job is as a sysadmin, which isn't unlikely given that this is an infrastructure tool, so it might not be as simple as forking and editing the code for them.

[mbreese]

Or make it turn-off-able (?) with an environmental variable. There are a couple of ways to make the tool default to report and allowable in non-reportable environments. The key thing is to make what is happening transparent.

[frugalmail]

Must be an explicit "turn-on" option.