Reddit Explore

Security checks across malware telemetry and agentic risk

Overview

This skill coherently searches Reddit through Apify and summarizes public posts, with no artifact-backed evidence of hidden or destructive behavior.

Install only if you trust the publisher and are comfortable providing an Apify token. Search terms will be sent to Apify/Reddit-related services and may incur Apify usage costs, so avoid confidential queries and use a limited token where possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill sends user-provided search terms to Apify's external Reddit scraper service, but the instructions do not warn the user that their query will leave the local system and be processed by a third party. This can expose sensitive topics, proprietary terms, or personal information if users enter confidential queries, especially because the skill encourages free-form topic input.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal