reddit-community-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as its primary function involves processing untrusted external data.
- Ingestion points: Processes external Reddit data as described in
SKILL.md(e.g., monitoring brand mentions, analyzing community cultures, and reading subreddit rules). - Boundary markers: No delimiters or explicit instructions to ignore embedded commands within ingested Reddit content are defined.
- Capability inventory: No executable capabilities, subprocess calls, or network operations are defined in the skill's current files (
SKILL.md,references/agents/reddit-community-builder.md). - Sanitization: There is no evidence of sanitization or validation logic for the external content processed by the agent.
- [NO_CODE]: The skill package does not contain any executable scripts, binary files, or source code, consisting solely of Markdown configuration and system prompts.
Audit Metadata