reddit-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to call Reddit toolkit endpoints (e.g., REDDIT_SEARCH_ACROSS_SUBREDDITS, REDDIT_GET_R_TOP, REDDIT_RETRIEVE_POST_COMMENTS) to fetch and read user-generated content from public Reddit pages, which the agent is expected to interpret and can influence subsequent actions like posting or commenting.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill mandates adding and calling the MCP endpoint https://rube.app/mcp (via RUBE_SEARCH_TOOLS) at runtime to fetch current tool schemas, which directly control agent behavior/instructions.