blogwatcher
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructions and metadata trigger the installation of a Go module from 'github.com/Hyaxia/blogwatcher/cmd/blogwatcher@latest'. The author/organization 'Hyaxia' is not on the trusted sources list, making this an unverifiable dependency.
- [COMMAND_EXECUTION] (LOW): The skill utilizes a custom binary 'blogwatcher' to perform tasks. While the documented commands are for feed management, the execution of third-party binaries carries inherent risks of system access beyond the stated scope.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest data from external RSS/Atom feeds, which are attacker-controllable sources.
  - Ingestion points: Data enters the system via 'blogwatcher scan' and 'blogwatcher articles' commands.
  - Boundary markers: None identified. There are no instructions to the agent to treat the feed content as untrusted data.
  - Capability inventory: The skill has network access and local file execution capabilities via the CLI tool.
  - Sanitization: No evidence of sanitization or content filtering for the retrieved feed data.