Reddit Spy

Security checks across malware telemetry and agentic risk

Overview

This skill is a read-only Reddit analysis tool, but it deliberately uses stealth scraping, Tor/proxy routing, credentials, and persistent session state in ways users should review carefully before installing.

Install only if you intentionally want a stealth Reddit scraping and analysis tool and accept the compliance, account, privacy, and local-session risks. Use a throwaway or least-privilege Reddit account, avoid entering sensitive credentials, do not point it at private individuals without a legitimate basis, review or disable Tor/proxy/browser fallback behavior, and clear ~/.openclaw/.reddit-spy-cache after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (17)

Lp3
Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill advertises executable behavior that uses environment variables, file access, and network access, but the manifest does not declare permissions or clearly bound those capabilities. That creates a transparency and policy-enforcement gap: users and platforms cannot accurately assess or constrain what the skill can access before execution.

Tp4
Severity: High
Category: MCP Tool Poisoning
Confidence: 89%
Finding: The skill description understates the implemented behavior by omitting user profiling, bulk scanning, health probing, and especially Tor-based access. Description-behavior mismatches are dangerous because they prevent informed consent and can hide sensitive or evasive functionality behind a narrower stated purpose.

Description-Behavior Mismatch
Severity: Medium
Confidence: 89%
Finding: The file includes fetch_user_posts(), which expands collection from subreddit content to user-level activity. In a tool presented as subreddit-focused intelligence, this broadens surveillance capability and can enable profiling or monitoring of individual users beyond the declared scope, increasing privacy and misuse risk.

Context-Inappropriate Capability
Severity: Medium
Confidence: 93%
Finding: This module is explicitly designed to rotate realistic browser fingerprints and maintain session-stable spoofed identities, which supports evasion of platform bot detection rather than ordinary API or browsing functionality. In the context of a skill marketed as 'Stealth Reddit intelligence' with fallback stealth collection paths, this materially increases the ability to bypass service protections and conduct covert scraping at scale.

Description-Behavior Mismatch
Severity: Medium
Confidence: 94%
Finding: The script's advertised scope is subreddit intelligence, but it also includes a dedicated user-intelligence workflow that profiles an individual Reddit account by aggregating posting history, subreddit distribution, and inferred patterns. That scope expansion materially increases privacy risk and enables targeted surveillance of individuals without any disclosure, consent guardrails, or access restrictions.

Natural-Language Policy Violations
Severity: Medium
Confidence: 95%
Finding: The skill explicitly promotes stealthy access 'without getting blocked' and prioritizes evasion mechanisms rather than normal, transparent access. In context, that increases abuse potential by enabling terms-of-service circumvention, anti-bot evasion, and harder-to-audit collection behavior against a third-party service.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The markdown instructs users to route traffic through Tor and optional external proxies but does not provide a prominent warning about privacy, compliance, attribution, and operational risks. This is dangerous because users may unknowingly send requests through third-party infrastructure, exposing data and masking origin in ways that violate policy or create investigative blind spots.

Missing User Warnings
Severity: Medium
Confidence: 89%
Finding: The manifest requests highly sensitive credentials (Reddit client ID/secret, username/password) and a proxy URL, but provides no user-facing disclosure of why each secret is needed, how it will be used, or what network destinations it may enable. In the context of a 'stealth' scraping/intelligence skill explicitly designed to avoid blocking, this increases the risk of credential misuse, account abuse, and covert traffic routing through attacker-controlled infrastructure.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The code persists Playwright browser storage state, including cookies and potentially other session data, to a predictable file under the user's home directory without any consent, disclosure, retention limit, or protection controls. In a tool explicitly designed for stealth browsing and bot-detection evasion, this increases the privacy and security risk because authentication state or tracking identifiers may be silently retained and later reused or exposed to other local processes/users.

Missing User Warnings
Severity: Low
Confidence: 88%
Finding: The skill creates a hidden cache directory under the user's home directory for browser cookies/state without any visible notice in the code path. While directory creation alone is not severe, in this context it supports silent long-term storage of browsing/session artifacts for a stealth scraping tool, which can surprise users and expand the local privacy footprint.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The module is explicitly designed to route requests through multiple outbound layers including Tor, stealth HTTP, browser automation, and PullPush, yet the code provides no consent gate or prominent warning before using those channels. In the context of a 'Stealth Reddit intelligence' skill, this is more dangerous because the stealth framing indicates deliberate evasion and hidden network behavior, which can violate user expectations, policy boundaries, or third-party terms while obscuring where data is sent.

Missing User Warnings
Severity: Medium
Confidence: 90%
Finding: When Reddit OAuth is configured, the cascade silently prioritizes authenticated requests, which may use stored credentials or elevated account access without clear disclosure at call time. In this skill's stealth-oriented context, undisclosed authenticated access increases the risk of unintended account use, rate-limit evasion, and actions being attributed to a user's Reddit identity.

Missing User Warnings
Severity: Medium
Confidence: 94%
Finding: The client sends user-controlled subreddit names, search queries, and usernames to the third-party PullPush service, which is an external data disclosure boundary. Even though this is expected for the feature to work, the code provides no consent, warning, minimization, or documentation at the call site, so potentially sensitive investigative targets or search terms may be exposed to the provider and logged externally.

Missing User Warnings
Severity: Low
Confidence: 87%
Finding: The availability probe performs a real outbound request to PullPush without explicit user awareness. While the request is low sensitivity, it still leaks tool usage metadata such as source IP, timing, and the fact that this environment is interacting with the service.

Missing User Warnings
Severity: Medium
Confidence: 94%
Finding: The code persists all session cookies to a predictable file under the user's home directory without access controls, disclosure, or minimization. On shared systems or insecure environments, these cookies may expose Reddit session state or tracking identifiers and can be reused by other local processes or users.

Missing User Warnings
Severity: Medium
Confidence: 96%
Finding: The Tor control password falls back to a hardcoded default value, which means anyone with local access to the Tor control port and knowledge of the code can authenticate and issue control commands such as rotating circuits. In a tool explicitly designed for stealth Reddit access, this weakens operational security and can enable unauthorized manipulation or information gathering if the control port is exposed or misconfigured.

Missing User Warnings
Severity: Medium
Confidence: 96%
Finding: The user-intel command performs behavioral profiling of a named Reddit user and outputs posting patterns and subreddit activity without any user-facing warning or policy control. In the context of a 'stealth' intelligence tool, this increases the likelihood of misuse for surveillance, harassment, or deanonymization, making the privacy issue more serious than a generic analytics feature.

VirusTotal

57/57 vendors flagged this skill as clean.