Add `libstd-go` package

[koooosh]

What I'd like:

Currently, Bottlerocket does not have a clear way to report Go advisories from CVEs patched in the bottlerocket-sdk repository.

One solution is to add a no-op libstd-go package to the core-kit that we tag Go vulnerabilities to, which would simplify the BRSAs for them.

Any alternatives you've considered:

N/A