ClawHub

Reddit Search

v1.0.2

Search Reddit for subreddits and get information about them.

4· 3.3k·21 current·24 all-time
bySeth Rose@thesethrose
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (search Reddit and get subreddit info) match the included CLI script. Required binaries (node, npx) and dependency on axios are appropriate for a Node-based HTTP client tool. Nothing requested that is unrelated to Reddit querying.
Instruction Scope
SKILL.md instructs running the provided script with specific commands and arguments. The script only performs HTTPS GETs to reddit.com JSON endpoints and prints results; it does not read arbitrary filesystem paths, environment variables, or send data to unexpected external endpoints.
Install Mechanism
There is no install spec (instruction-only), which is lowest-risk. Package.json and package-lock.json are present but no automatic install is requested—this means the runtime must have node (and dependencies installed) for the script to run; from a security perspective there is no remote download/extract behavior to review.
Credentials
The skill requests no environment variables or credentials and does not access any config paths. That is proportionate to a public-API Reddit search tool.
Persistence & Privilege
The skill is not 'always' enabled and makes no changes to other skills or system-wide config. It only runs as an invoked CLI script and does not persist credentials or alter agent configuration.
Assessment
This skill appears to do exactly what it says: a small Node CLI that queries Reddit's public JSON endpoints and prints results. It requires node (and the axios dependency) to be available; because there is no install step included, make sure dependencies are installed (npm install) before running. It does not request secrets or access files beyond the script. As always, only run code from sources you trust — you can inspect scripts/reddit-search.ts yourself (it is short and readable) to confirm there's no unexpected network endpoint or behavior before installing or allowing autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.

latestvk974w45mg34t31q8wt2hrnx98h7zerrr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📮 Clawdis
Binsnode, npx

Comments