reddit-cultivate

Fail

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses osascript to control the system and the Google Chrome application. It also uses python3 to execute code that interacts with the system clipboard via pbcopy to facilitate automated console entry.
  • [REMOTE_CODE_EXECUTION]: The skill generates and executes JavaScript within a browser tab via AppleScript. This code makes authenticated network requests to Reddit's API, performing state-changing actions and retrieving private data.
  • [DATA_EXFILTRATION]: Sensitive user data, including the Reddit modhash (required for authenticated POST requests) and account metrics, is extracted from the user's active browser session. This data is transferred to the agent by temporarily modifying the browser's document.title and reading it back via AppleScript.
  • [PROMPT_INJECTION]: The skill processes untrusted data from Reddit post titles and content to draft replies, which represents an indirect prompt injection surface.
      • Ingestion points: Reddit rising post data (SKILL.md).
      • Boundary markers: None identified in the processing of external post data.
      • Capability inventory: Unrestricted execution of JavaScript in the user's browser, retrieval of session secrets, and local command execution.
      • Sanitization: No sanitization or verification of the fetched external data is implemented before it is processed by the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: unknown (check file) - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 29, 2026, 09:44 AM