The Agent Skills Directory

[COMMAND_EXECUTION]: The skill constructs shell commands using placeholders such as {SUBREDDIT} that are replaced with user-provided input. If the agent does not properly sanitize these inputs, it could lead to command injection vulnerabilities.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It retrieves data from external sources (Reddit rules and top posts) and incorporates this untrusted content into system instructions for the Gemini API call. This could allow an attacker who controls a subreddit's metadata to influence the generated output. 1. Ingestion points: Reddit API endpoints (rules.json, top.json, and about.json) referenced in SKILL.md. 2. Boundary markers: No delimiters or warnings are used to isolate the fetched content. 3. Capability inventory: The skill can execute shell commands, write to temporary files, and post to Reddit via the Composio MCP. 4. Sanitization: No evidence of escaping or validation of the external content before it is processed.
[EXTERNAL_DOWNLOADS]: The skill fetches community data from Reddit's public API and interacts with the Google Gemini API for content generation. It identifies itself using a vendor-specific User-Agent (varnan-skills).

reddit-post-engine