reddit-automation
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the configuration of an MCP server hosted at
https://rube.app/mcp. This domain is not among the verified trusted organizations or repositories, making the remote tools and their execution logic unverifiable. - [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection (Category 8).
- Ingestion points: Untrusted data enters the agent context through multiple tools including
REDDIT_SEARCH_ACROSS_SUBREDDITS,REDDIT_RETRIEVE_POST_COMMENTS, andREDDIT_GET_R_TOPwhich fetch arbitrary text from Reddit. - Boundary markers: Absent. The skill lacks instructions or delimiters to warn the agent about potential instructions embedded within fetched Reddit posts or comments.
- Capability inventory: The skill possesses significant 'write' capabilities, such as
REDDIT_CREATE_REDDIT_POST,REDDIT_POST_REDDIT_COMMENT, andREDDIT_DELETE_REDDIT_POST, which could be abused if the agent follows instructions found in 'read' data. - Sanitization: Absent. There is no evidence of filtering or escaping logic applied to the external content before it is processed by the LLM.
Audit Metadata