reddit-icp-monitor
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection when processing Reddit post content. • Ingestion points: Untrusted Reddit post data (title, body, and metadata) is retrieved from the Reddit API in Step 3 of SKILL.md. • Boundary markers: Absent. The untrusted data is directly interpolated into JSON templates for scoring (Step 4) and drafting (Step 5) in SKILL.md without the use of delimiters or instructions to ignore embedded commands. • Capability inventory: The skill executes local shell commands (curl, python3, cat) and performs file system operations (write to /tmp), but it does not execute the retrieved data directly. • Sanitization: Absent. The skill does not escape, validate, or filter the external content before passing it to the LLM.
Audit Metadata