Search Reddit

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it searches Reddit through OpenAI and enriches results with public Reddit thread data, with no hidden persistence or destructive behavior found.

Install only if you are comfortable sending search queries to OpenAI and making public Reddit requests. Use a dedicated OpenAI API key if possible, monitor usage costs, and treat returned Reddit content as untrusted public web text.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill documentation indicates access to environment variables and API keys, but no explicit permissions are declared. In an agent-skill setting, undeclared access to secrets increases the chance that the runtime grants broader capabilities than users expect, undermining transparency and consent around secret handling.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 93%
Finding: The stated behavior says the skill searches Reddit via OpenAI web_search, but the documented behavior also includes direct Reddit JSON retrieval and reading API credentials from local config. This mismatch is dangerous because it hides materially different capabilities—network access to additional endpoints and local secret/config access—from reviewers and users, making overprivileged or unexpected data access more likely.

Missing User Warnings

Severity: Medium
Confidence: 78%
Finding: The skill silently reads credentials from a local config file without telling the user in its help/output, which can violate user expectations about what local secrets a tool accesses. In a security-sensitive agent environment, undisclosed secret access increases trust and auditability risk even if the key is only used for the advertised OpenAI call.

VirusTotal

65/65 vendors flagged this skill as clean.
