blogwatcher
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install a binary from an external GitHub repository (`github.com/Hyaxia/blogwatcher`) using `go install`. This introduces a dependency on code maintained by an entity that is neither the skill author nor a known trusted vendor.
- [COMMAND_EXECUTION]: The instructions rely on executing the `blogwatcher` CLI tool to perform operations such as scanning blogs and listing articles.
- [INDIRECT_PROMPT_INJECTION]: This skill possesses an attack surface for indirect prompt injection as its primary purpose is to ingest and display content from external RSS and Atom feeds.
  - Ingestion points: Remote content is fetched into the agent context via the `blogwatcher scan` and `blogwatcher articles` commands.
  - Boundary markers: The skill does not provide instructions to the agent to delimit or ignore instructions that might be embedded within the retrieved feed content.
  - Capability inventory: The skill executes commands using the `blogwatcher` binary.
  - Sanitization: There is no evidence of sanitization or validation of the feed content before it is processed or displayed by the agent.
Audit Metadata