Skills
skills/muzhicaomingwang/ai-ideas/research-by-reddit/Gen Agent Trust Hub

research-by-reddit

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection via the ingestion of user-generated content from Reddit.
  • Ingestion points: Reddit thread titles, post bodies, and user comments are retrieved using scripts/fetch_posts.py and scripts/search_reddit.py.
  • Boundary markers: Absent. The skill does not use delimiters or specific prompt engineering to isolate the fetched data from instructions, making it possible for the LLM to follow commands embedded in the Reddit content.
  • Capability inventory: The skill allows access to Bash, Write, and Read tools, which provides a functional attack surface if the agent is successfully subverted.
  • Sanitization: Content is truncated but not sanitized for prompt injection patterns before being analyzed by the AI.
  • EXTERNAL_DOWNLOADS (SAFE): The skill depends on standard Python libraries like praw and anthropic from PyPI, which are trusted sources for this use case.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:25 PM