Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Reddit Skill
v0.1.0Use ThreadPilot to manage Reddit account workflows (login, whoami, comments, replies, posts, subreddits, subscribe, read, search, rules, like, and post) with...
⭐ 0· 386·1 current·1 all-time
byArtem Vysotsky@vood
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (Reddit workflows via ThreadPilot) matches the runtime instructions (whoami, login, read, like, post). However, the registry lists no required environment variables or primary credential while the README/SKILL.md enumerate many sensitive env vars (REDDIT_ACCESS_TOKEN, REDDIT_BROWSER_PROFILE, etc.) — a mismatch between declared requirements and actual usage.
Instruction Scope
SKILL.md instructs running scripts/threadpilot commands and explicitly references environment variables and browser profile paths. It also directs auto-bootstrap from github.com/vood/threadpilot (download release or clone/build). The skill may therefore read local files (browser profiles, cache dirs) and run downloaded binaries/source code — actions beyond mere 'read-only' browsing and proportionally broader than the declared manifest.
Install Mechanism
There is no install spec in the registry, but the README and SKILL.md describe auto-installing threadpilot from GitHub releases or cloning and building source. Downloading and executing a release asset or building cloned code at runtime is higher risk than an instruction-only skill; although GitHub releases are a reasonable source, auto-bootstrap means arbitrary remote code may be fetched and executed without an install policy in the registry.
Credentials
The registry declares no required env vars, yet the documentation lists numerous variables including sensitive ones (REDDIT_ACCESS_TOKEN, REDDIT_BROWSER_PROFILE, THREADPILOT_BIN, REDDIT_PROXY). The mismatch means the agent could ask for or use secrets that were not signaled up-front; requiring browser profile paths or access tokens is plausible for this purpose but should be explicitly declared and justified.
Persistence & Privilege
always:false and no heavy privileges requested. The skill's bootstrap/cache behavior will create a .threadpilot cache and may write binaries locally if installing — expected for CLI tools, but it does alter local disk state. It does not request system-wide always-on presence or modification of other skills.
What to consider before installing
This skill appears to implement legitimate Reddit CLI workflows, but there are notable inconsistencies you should address before installing: 1) The registry declares no required credentials but the README/SKILL.md reference many sensitive env vars (e.g., REDDIT_ACCESS_TOKEN, browser profile paths) — only supply tokens or profiles if you trust the upstream code and are prepared for local access. 2) The skill will auto-download or clone/build the threadpilot binary from GitHub at runtime; review the target repos (vood/threadpilot and vood/reddit-skill) and their release artifacts before allowing network installs. 3) Because the package is instruction-only and does not bundle the scripts it references, confirm which scripts will run and where they come from. 4) Prefer running this in an isolated environment or test account, avoid reusing real Reddit credentials until you audit the upstream code, and consider setting THREADPILOT_RELEASE_BASE_URL to a vetted mirror or performing a manual install after inspection. The absence of regex scanner findings is not a guarantee of safety — it only means there was no code for the scanner to analyze.Like a lobster shell, security has layers — review code before you run it.
latestvk972znjz0pjbj5yext7tw2pshx81z7s5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.