reddit-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from Reddit posts and comments through tools such as REDDIT_SEARCH_ACROSS_SUBREDDITS and REDDIT_RETRIEVE_POST_COMMENTS. This content is then used to drive subsequent agent actions, creating an attack surface for indirect prompt injection. 1. Ingestion points: REDDIT_SEARCH_ACROSS_SUBREDDITS, REDDIT_RETRIEVE_POST_COMMENTS, and REDDIT_GET_R_TOP in SKILL.md. 2. Boundary markers: No delimiters or ignore-instructions warnings are defined for ingested content. 3. Capability inventory: Tools for creating posts (REDDIT_CREATE_REDDIT_POST) and comments (REDDIT_POST_REDDIT_COMMENT) are available to the agent. 4. Sanitization: No sanitization, validation, or filtering of the external Reddit content is described.
- [EXTERNAL_DOWNLOADS]: The skill requires adding an external MCP server endpoint at https://rube.app/mcp. This establishes a dependency on a remote third-party service for providing tool schemas and execution logic.
Audit Metadata