scrapesocial-reddit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
scrapesocialCLI package from the public NPM registry. - [COMMAND_EXECUTION]: Functions by executing
scrapesocialCLI commands to interact with the Scrape Creators API for data retrieval. - [PROMPT_INJECTION]: Contains a surface for indirect prompt injection due to the ingestion of external data from Reddit.
- Ingestion points: Reddit search results, subreddit posts, comments, and ad data fetched via the CLI (SKILL.md).
- Boundary markers: No specific delimiters or safety instructions are defined to separate ingested Reddit content from the agent's internal logic.
- Capability inventory: The skill executes shell commands to interact with the external Scrape Creators API.
- Sanitization: No sanitization or filtering of the retrieved Reddit content is documented in the instructions.
Audit Metadata