blog-watcher

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the blogwatcher tool using go install github.com/Hyaxia/blogwatcher/cmd/blogwatcher@latest. This source is not part of the trusted vendors list and represents an unverifiable external dependency.
  • [COMMAND_EXECUTION]: The skill's primary functionality is to execute various subcommands of the blogwatcher CLI tool. Additionally, the provided test.js script uses execSync to invoke the CLI tool directly from the environment.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process data from arbitrary RSS/Atom feeds. This is an indirect prompt injection surface where untrusted external content could contain instructions meant to manipulate the agent's behavior.
      • Ingestion points: RSS/Atom feed content processed by blogwatcher scan and blogwatcher articles.
      • Boundary markers: None detected in the provided instructions; feed content is likely passed directly to the agent context.
      • Capability inventory: The agent can execute CLI commands and potentially summarize/analyze content using other skills.
      • Sanitization: No explicit sanitization or validation of the feed content is mentioned before it is presented to the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 05:10 AM