reddit-readonly
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious instructions, bypass attempts, or safety filter overrides detected in the skill definitions.
- [DATA_EXFILTRATION]: Network operations are restricted to Reddit's public API (reddit.com). No sensitive local file access or hardcoded credentials were found. Configuration is handled through non-sensitive environment variables for request pacing.
- [COMMAND_EXECUTION]: The skill executes a local Node.js script using predefined arguments. It does not spawn arbitrary shell commands or use unsafe string interpolation for process execution.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It uses the native Node.js fetch API to retrieve structured JSON data from a well-known service.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The skill fetches untrusted post and comment data from Reddit via scripts/reddit-readonly.mjs.
  - Boundary markers: None explicitly defined in the prompt interpolation, but the script returns structured JSON, which acts as a natural boundary.
  - Capability inventory: The skill is read-only; it has no file-write, account-modification, or non-Reddit network capabilities.
  - Sanitization: The script truncates long text bodies to prevent context window exhaustion, though it does not filter the content for injection strings. This is a standard risk for data-retrieval tools and is considered low risk given the read-only scope.
Audit Metadata