The Agent Skills Directory

Indirect Prompt Injection (MEDIUM): The skill is designed to ingest and process arbitrary content from Reddit. This external data is untrusted and could contain malicious instructions designed to manipulate the agent (Tool Output Poisoning).\n
Ingestion points: Reddit posts and comments retrieved via the semantic search and trends endpoints.\n
Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are visible in the documentation.\n
Capability inventory: The skill utilizes curl for network requests and python3 for data processing, providing a surface for command-based activities.\n
Sanitization: No sanitization or filtering of the retrieved Reddit content is demonstrated.\n- External Downloads (MEDIUM): Installation instructions use npx skills add to download the skill from an untrusted external repository (lignertys/reddit-research-skills).\n- Command Execution (LOW): The skill's implementation patterns rely on shell-based commands (curl) and piped python3 -c snippets, which increase the potential attack surface.\n- Data Exfiltration (LOW): The skill performs network operations to reddapi.dev. While this is the intended service, it is a non-whitelisted third-party domain that represents an external communication channel.

reddapi