Reddit (read only - no auth)
Security checks across malware telemetry and agentic risk
Overview
This skill appears to be a disclosed read-only Reddit browsing helper that runs a local Node script and sends user-directed Reddit queries to Reddit only.
Install only if you are comfortable with a local Node script making public requests to reddit.com and sending the subreddit names, search terms, and post URLs you ask it to inspect. No Reddit credentials are required, and the visible artifacts do not show posting or account mutation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.