blogwatcher-cli
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): Network access is legitimate and restricted to user-defined blog URLs for article discovery. Local file access is limited to the tool's internal SQLite database at ~/.blogwatcher/.
- [Prompt Injection] (SAFE): Skill and agent metadata files (SKILL.md, AGENTS.md) contain helpful operational constraints and no malicious override patterns.
- [External Downloads] (SAFE): Project dependencies (gofeed, goquery, cobra) are well-known and fetched via the standard Go toolchain.
- [Indirect Prompt Injection] (LOW): The tool ingests external web content (article titles). While this presents a theoretical injection surface for downstream AI agents, it is a standard risk for web-aggregation tools and not a flaw in the skill itself.