I noticed during testing that the curve25519 GenerateKeypair method uses direct data from the RNG without clamping as instructed in https://cr.yp.to/ecdh.html:

 secret[0] &= 248;
 secret[31] &= 127;
 secret[31] |= 64;

Correct, the clamping happens in the scalarMult implementation: https://github.com/golang/crypto/blob/7e9105388ebff089b3f99f0ef676ea55a6da3a7e/curve25519/curve25519.go#L789-L791