blogwatcher
Warn
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's metadata triggers the download of a Go package from an external repository: github.com/Hyaxia/blogwatcher/cmd/blogwatcher@latest.
- [COMMAND_EXECUTION]: The skill functions by executing the blogwatcher CLI tool for tasks like scanning feeds and adding blogs.
- [REMOTE_CODE_EXECUTION]: The use of 'go install' in the installation metadata allows for the acquisition and execution of code from a remote source on the user's environment.
- [PROMPT_INJECTION]: This skill has an indirect prompt injection surface. 1. Ingestion point: Untrusted data from RSS/Atom feeds is read via the 'blogwatcher scan' command. 2. Boundary markers: No delimiters or ignore instructions are present in the skill definition. 3. Capability inventory: The skill can execute shell commands via the blogwatcher binary. 4. Sanitization: No sanitization or filtering of external feed content is specified.
Audit Metadata