Skills
skills/kirkluokun/awesome-a-stock-openclawskills/blogwatcher/Gen Agent Trust Hub

blogwatcher

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the blogwatcher CLI tool via a Go module from an unverified GitHub repository (github.com/Hyaxia/blogwatcher).- [COMMAND_EXECUTION]: The skill executes the blogwatcher binary to perform tasks like adding blogs, listing articles, and scanning for updates.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of external RSS/Atom feed content.
  • Ingestion points: Untrusted data enters the agent context through the blogwatcher scan and blogwatcher articles commands as defined in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external feed content as untrusted data.
  • Capability inventory: The agent is configured to execute the blogwatcher CLI and process its outputs, which contains the external data.
  • Sanitization: There is no evidence of filtering or sanitization of the feed content before it is presented to the agent.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 15, 2026, 08:24 AM