blogwatcher

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs the blogwatcher CLI tool from a third-party GitHub repository (github.com/Hyaxia/blogwatcher) using the Go toolchain.
  • [COMMAND_EXECUTION]: The skill relies on executing the blogwatcher binary locally to manage and scan blog feeds.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting untrusted data from external RSS/Atom feeds.
    • Ingestion points: Content from external feeds is brought into the agent context through the blogwatcher articles and blogwatcher scan commands.
    • Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from following commands embedded within the blog content.
    • Capability inventory: The agent has the capability to execute the blogwatcher tool and potentially other system commands based on the output it processes.
    • Sanitization: There is no evidence of sanitization or filtering of the feed content before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 04:19 PM