reddit-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides a Python script (
scripts/search_reddit.py) for scraping Reddit. The script uses therequestslibrary to communicate with the Apify API and does not perform any unauthorized or dangerous system operations. - [EXTERNAL_DOWNLOADS]: The skill requires the standard
requestsPython package for API communication. - [PROMPT_INJECTION]: The skill processes untrusted content from Reddit, creating a surface for indirect prompt injection. Ingestion points:
scripts/search_reddit.py(fetches data from Apify datasets). Boundary markers: Absent. Capability inventory: Standard agent capabilities including file system access and network operations. Sanitization: Absent. - [SAFE]: Communicates with
api.apify.com, which is a well-known technology service for web scraping. This network activity is consistent with the skill's stated purpose. - [SAFE]: Employs best practices for secret management by instructing users to provide API tokens via environment variables rather than hardcoding them.
Audit Metadata