reddit-readonly
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs a local Node.js script
scripts/reddit-readonly.mjsto interface with Reddit. This is the intended behavior for the skill. - [EXTERNAL_DOWNLOADS]: The script performs network requests to reddit.com, which is a well-known service, to retrieve public JSON data.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data from Reddit. 1. Ingestion points: User-generated content from Reddit is fetched by
scripts/reddit-readonly.mjs. 2. Boundary markers: Data is structured in JSON, but text body snippets lack specific markers to prevent the agent from following embedded instructions. 3. Capability inventory: The skill is limited to Reddit API interaction and does not have access to sensitive system commands or file writes. 4. Sanitization: Retrieved content is not sanitized for malicious instruction patterns. - [SAFE]: No evidence of credential theft, obfuscation, or persistence mechanisms was found. The code is transparent and restricted to its stated read-only purpose.
Audit Metadata