Skills
skills/sundial-org/awesome-openclaw-skills/blogwatcher/Gen Agent Trust Hub

blogwatcher

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the blogwatcher CLI tool from a third-party GitHub repository (github.com/Hyaxia/blogwatcher) that is not on the trusted vendors list.\n- [COMMAND_EXECUTION]: The skill executes various subcommands of the blogwatcher binary to manage feeds and articles on the local system.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from external RSS and Atom feeds.\n
  • Ingestion points: The blogwatcher scan and blogwatcher articles commands ingest untrusted data from external URLs.\n
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the feed content as untrusted.\n
  • Capability inventory: The agent uses the tool to list, read, and manage articles based on external input which could influence the conversation context.\n
  • Sanitization: No sanitization or filtering of the feed content is performed within the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 05:27 AM