blogwatcher
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the blogwatcher utility from the Hyaxia/blogwatcher GitHub repository using the go install command.
- [COMMAND_EXECUTION]: Executes the blogwatcher CLI tool to manage, scan, and read blog feeds.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through ingested feed content. Ingestion points: External RSS/Atom feeds processed via the scan and articles commands. Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the prompt. Capability inventory: Execution of the local blogwatcher binary. Sanitization: No explicit sanitization or validation of the feed content is defined.
Audit Metadata