Reddit Research 1.0.0
v1.0.0Automatically scans and summarizes Reddit posts in target subreddits to identify trending topics, recurring questions, and content gaps for research purposes.
⭐ 0· 68·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill claims to scan Reddit for research and only requires reading public Reddit .json feeds and writing research markdown files. It does not request unrelated credentials or install software, and its listed target subreddits and research outputs align with the described purpose. The only external capability referenced (Reddit MCP) is optional and noted as conditional.
Instruction Scope
Runtime instructions focus on fetching public Reddit .json endpoints, analyzing comment trees, and saving a research file. The skill includes strong prompt-injection guidance (explicitly forbids following instructions found in Reddit content) which is good. Minor ambiguity: some lines say 'Post here (education only...)' which could be misread as an instruction to post; elsewhere the SKILL.md explicitly says posting is manual. Clarify that the skill must not post autonomously to avoid accidental posting.
Install Mechanism
There is no install spec and no code files — this is instruction-only, so nothing is downloaded or written during install. This is low-risk from an installation perspective.
Credentials
The skill requires no environment variables or credentials. It does mention optional use of a 'reddit-mcp' auth profile if configured; that is an optional capability and not required. If you enable MCP, you will need to provide credentials for that system — those credentials are not requested by default in this skill's metadata.
Persistence & Privilege
The skill is not always-enabled and does not request elevated system privileges. It instructs the agent to write research markdown files to a shared vault path (shared/research/trends-YYYY-MM-DD.md and update vault-index.md), which is appropriate for a research skill but means the agent must have write access to that workspace — confirm you are comfortable with that file write location.
Assessment
This skill is largely coherent and low-risk because it only reads public Reddit JSON feeds and writes markdown research files. Before installing, confirm: (1) your agent is allowed to make outbound HTTP requests to reddit.com (the skill fetches many /.json URLs); (2) you are comfortable granting the agent write access to the specified shared/research and vault-index.md locations; (3) you will not provide Reddit/MCP credentials unless you intentionally enable that optional integration; (4) clarify the ambiguous wording that says 'Post here' so the agent (or future maintainers) do not interpret it as an instruction to autonomously post content — posting should remain manual as the SKILL.md intends; and (5) monitor request rates to avoid hitting Reddit rate limits. If you want higher assurance, ask the author to remove phrasing that could be misinterpreted as an automated posting instruction and to document exactly how optional MCP auth would be supplied and used.Like a lobster shell, security has layers — review code before you run it.
latestvk972xbqdyfm44pbhr2v7tpt88983nyqs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.