reddit-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill fetches and processes untrusted content from Reddit, which could contain malicious instructions designed to influence agent behavior.
- Ingestion points: Reddit search results, post details, and comments are ingested via tools like
REDDIT_SEARCH_ACROSS_SUBREDDITSandREDDIT_RETRIEVE_POST_COMMENTSin SKILL.md. - Boundary markers: Absent. There are no instructions to help the agent distinguish between its system guidelines and instructions found within Reddit content.
- Capability inventory: The skill has write capabilities including post creation, commenting, and editing via tools like
REDDIT_CREATE_REDDIT_POSTandREDDIT_POST_REDDIT_COMMENTas defined in SKILL.md. - Sanitization: Absent. The skill does not provide mechanisms to sanitize or validate external content before processing.
- [EXTERNAL_DOWNLOADS]: Reference to external MCP service.
- The setup instructions direct users to connect to
https://rube.app/mcpas an external MCP server to enable the Reddit automation functionality.
Audit Metadata