blogwatcher
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration triggers the installation of a Go module from a third-party GitHub repository (github.com/Hyaxia/blogwatcher). This source is not associated with the skill author (insight68) nor is it on the list of trusted or well-known providers, requiring manual verification of the repository's security.
- [COMMAND_EXECUTION]: The skill relies on the execution of the locally installed 'blogwatcher' binary to perform its core functions, including network operations and file management for tracking blogs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external RSS/Atom feeds, which could contain malicious instructions.
  - Ingestion points: External content is brought into the agent's context through the 'blogwatcher scan' and 'blogwatcher articles' commands.
  - Boundary markers: Absent; the skill does not implement delimiters or specific instructions to ignore content within the fetched feeds.
  - Capability inventory: The skill possesses command execution capabilities through the CLI tool.
  - Sanitization: Absent; there is no evidence of filtering or validation of the content retrieved from external URLs before it is processed by the agent.