blogwatcher

Warn

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill metadata and instructions facilitate the installation of a Go binary from a third-party GitHub repository (github.com/Hyaxia/blogwatcher). This source is not associated with a known trusted organization or well-known service.
  • [COMMAND_EXECUTION]: The skill's primary functionality involves executing the blogwatcher command-line interface. The agent is directed to run multiple commands including blogwatcher add, blogwatcher scan, and blogwatcher articles, which perform network operations to fetch external data and manage local state.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it retrieves and displays content from external websites.
      • Ingestion points: Untrusted data enters the agent's context through RSS/Atom feeds processed by the blogwatcher scan and blogwatcher articles commands.
      • Boundary markers: The skill lacks explicit delimiters or instructions to prevent the agent from obeying commands that might be embedded within the feed content.
      • Capability inventory: The skill utilizes shell command execution via the blogwatcher CLI and file system interactions for managing tracked blogs.
      • Sanitization: There is no evidence of sanitization, filtering, or validation performed on the external content before it is presented to the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 30, 2026, 01:08 AM