blogwatcher

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the blogwatcher CLI tool using go install from an unverified third-party GitHub repository (github.com/Hyaxia/blogwatcher).
  • [COMMAND_EXECUTION]: The skill executes various blogwatcher subcommands to interact with the local filesystem and remote RSS/Atom feeds.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and displays content from external RSS/Atom feeds which could contain malicious instructions.
      • Ingestion points: Feed content is ingested through blogwatcher scan and blogwatcher articles.
      • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are used when presenting feed data to the agent.
      • Capability inventory: The agent can execute binary commands and read tool output.
      • Sanitization: No sanitization or filtering of the remote feed content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 01:13 AM