reddit-search-api
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Natural language instruction to download and install from URL detected

This skill is functionally consistent with its stated purpose: it documents calls to a third-party Reddit data provider and requires an API key. The main supply-chain/security concern is that it directs credentials and user queries to a non-official endpoint (reddapi.dev). That pattern can be legitimate but also enables credential exposure or data collection by the third party. There is no evidence of obfuscated or malicious code inside the skill file itself. Recommend treating the service as untrusted until reddapi.dev is verified: avoid reusing secrets with other services, audit the provider's privacy/terms, and prefer official APIs when handling sensitive data.

LLM verification: No direct malicious code is present in the reviewed files (documentation and examples only). Main risks are supply-chain and privacy/trust: the skill requires sending an API key and user queries to a non-official third-party service (reddapi.dev) that makes strong operational claims. Treat the API key as sensitive, avoid sending secrets or sensitive PII, review reddapi.dev privacy/terms, and prefer official or audited providers. If integrating this skill, require short-lived credentials, restric