reddit-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server located at
https://rube.app/mcp. This is a vendor-owned resource (rube.app) used to facilitate the connection between the agent and Reddit via the Composio ecosystem. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of reading and acting upon external, untrusted data.
- Ingestion points: Tools such as
REDDIT_SEARCH_ACROSS_SUBREDDITS,REDDIT_RETRIEVE_POST_COMMENTS, andREDDIT_GET_R_TOPfetch content (post bodies, comments, titles) directly from the public Reddit platform. - Boundary markers: The instructions do not define boundary markers or delimiters to help the agent distinguish between its own system instructions and potentially malicious instructions embedded in Reddit content.
- Capability inventory: The skill includes powerful write and delete capabilities, such as
REDDIT_CREATE_REDDIT_POST,REDDIT_POST_REDDIT_COMMENT,REDDIT_EDIT_REDDIT_COMMENT_OR_POST, andREDDIT_DELETE_REDDIT_POST, which could be exploited if the agent obeys instructions found in fetched content. - Sanitization: There is no mention of sanitization, filtering, or validation of the retrieved text before it is processed by the agent.
Audit Metadata