blogwatcher
Warn
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of a Go module from a third-party repository (github.com/Hyaxia/blogwatcher/cmd/blogwatcher@latest). This source is not part of the trusted organization list or recognized as a well-known service.
- [COMMAND_EXECUTION]: The skill relies on the execution of the blogwatcher binary, which is compiled and installed from an external source.
- [PROMPT_INJECTION]: The skill processes untrusted data from RSS and Atom feeds, creating a surface for indirect prompt injection.
  - Ingestion points: Data enters the agent's context through the scan and articles commands, which fetch content from external URLs.
  - Boundary markers: There are no specific delimiters or instructional barriers defined in the skill to prevent the agent from following instructions hidden within feed content.
  - Capability inventory: The skill executes a custom binary and performs network operations.
  - Sanitization: No sanitization or filtering logic is specified for the data retrieved from external feeds.
Audit Metadata