reddit-automation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructions require the user to connect to a third-party MCP server at
https://rube.app/mcp. This external endpoint is not listed in the trusted GitHub repositories or organizations, presenting a dependency on unverified infrastructure. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). 1. Ingestion points: External data is ingested through tools such as
REDDIT_SEARCH_ACROSS_SUBREDDITSandREDDIT_RETRIEVE_POST_COMMENTSinSKILL.md. 2. Boundary markers: There are no markers or instructions defined to isolate retrieved Reddit content from the agent's core instructions. 3. Capability inventory: The agent has significant write and delete capabilities, includingREDDIT_CREATE_REDDIT_POST,REDDIT_POST_REDDIT_COMMENT, andREDDIT_DELETE_REDDIT_POST. 4. Sanitization: No validation or sanitization of retrieved Reddit content is implemented, allowing potential malicious instructions in posts to influence the agent's actions.
Audit Metadata