reddit-readonly
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill fetches and processes untrusted content from Reddit, which could contain instructions meant to influence the AI's behavior.
- Ingestion points: Commands in SKILL.md (posts, search, comments, find) retrieve data from external Reddit JSON endpoints.
- Boundary markers: SKILL.md does not specify delimiters or instructions to treat fetched content as untrusted data.
- Capability inventory: SKILL.md references a local Node.js script for network requests; no capabilities for file modification or arbitrary command execution were identified.
- Sanitization: There is no mention of sanitization or filtering of the fetched content in SKILL.md or references/OUTPUT_SCHEMA.md.
Audit Metadata