reddit-automation
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from Reddit, presenting an indirect prompt injection surface. Evidence: 1. Ingestion points: REDDIT_SEARCH_ACROSS_SUBREDDITS, REDDIT_RETRIEVE_POST_COMMENTS, REDDIT_GET_R_TOP (SKILL.md); 2. Boundary markers: Absent; 3. Capability inventory: Reddit write access via REDDIT_CREATE_REDDIT_POST and REDDIT_POST_REDDIT_COMMENT (SKILL.md); 4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS]: The skill requires connecting to an external MCP endpoint (https://rube.app/mcp) to access the Reddit toolkit. This is a documented requirement for its intended functionality.
Audit Metadata