Back to skill

Security audit

Reddit Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware-like, but it can publish Reddit posts through a connected account and includes guidance to make AI-written posts sound human, so users should review it carefully before installing.

Install only if you intentionally want an agent to research Reddit and create or schedule posts through your connected Late/Reddit account. Manually review the account, subreddit, title, body, flair, and schedule before every posting command, follow subreddit disclosure and promotion rules, and protect or rotate the ScrapeCreators and Late API keys if they may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill declares access to environment variables, config files, and network-reachable APIs, but there is no explicit permissions section warning users or agents about those capabilities. That makes the trust boundary unclear and can lead to unreviewed use of API keys, local files, and outbound requests during execution.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill supports creating and scheduling public Reddit posts but does not prominently warn that these are external, public, and potentially irreversible account actions. In an agent setting, that omission increases the chance of accidental posting, reputational harm, spam, or unauthorized use of a connected account.

Natural-Language Policy Violations

High
Confidence
97% confidence
Finding
The description emphasizes making posts 'sound human' and includes a built-in anti-AI-slop pass, which frames the tool around concealing AI involvement rather than simply improving clarity. That can facilitate deceptive impersonation, evasion of platform or community norms, and misuse of third-party accounts for covert automated posting.

Natural-Language Policy Violations

High
Confidence
98% confidence
Finding
The mandatory instructions explicitly direct the agent to strip AI-signaling phrases and structures so output appears human-authored. In context, this is more dangerous because the same skill can directly publish to Reddit, enabling end-to-end generation plus deceptive dissemination with minimal friction.

Session Persistence

Medium
Category
Rogue Agent
Content
### ScrapeCreators (reading Reddit)
1. Get an API key at [scrapecreators.com](https://scrapecreators.com)
2. Save it: `mkdir -p ~/.config/scrapecreators && echo "YOUR_KEY" > ~/.config/scrapecreators/api_key && chmod 600 ~/.config/scrapecreators/api_key`

### Late (posting to Reddit)
1. Get an API key at [getlate.dev](https://getlate.dev)
Confidence
83% confidence
Finding
mkdir -p ~/.config/scrapecreators && echo "YOUR_KEY" > ~/.config/scrapecreators/api_key && chmod 600 ~/.config/scrapecreators/api_key` ### Late (posting to Reddit) 1. Get an API key at [getlate.dev](

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.