blogwatcher
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the blogwatcher binary directly from a third-party GitHub repository (github.com/Hyaxia/blogwatcher/cmd/blogwatcher@latest) using the Go package manager. This source is not verified or listed as a trusted vendor.
- [COMMAND_EXECUTION]: The skill's primary functionality relies on executing the blogwatcher CLI tool, which is downloaded during the installation process.
- [PROMPT_INJECTION]: Indirect Prompt Injection Risk:
  1. Ingestion points: The skill reads external content from RSS and Atom feeds via the blogwatcher scan and blogwatcher articles commands in SKILL.md.
  2. Boundary markers: None identified in the instructions.
  3. Capability inventory: The skill can execute the downloaded blogwatcher CLI.
  4. Sanitization: No sanitization of feed content is mentioned before presenting it to the agent.