Reddit Intelligence For Agents

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent Reddit research CLI. The expected caveats are that it installs an external npm tool, uses a ReddGrow API key, and consumes service credits.

Before installing, make sure you trust the @reddgrow/cli npm package and ReddGrow service, use a dedicated API key, and set expectations for large or repeated queries because they can consume account credits.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

Repeated or large autonomous queries could spend ReddGrow credits even though the commands are read-only.

Why it was flagged

The skill discloses that commands consume service credits and gives guidance for batch operations, so the behavior is purpose-aligned but has cost/quota impact.

Skill content

ALWAYS check `reddgrow auth whoami` before large batch operations to avoid credit exhaustion

Recommendation

Set clear limits for batch or high-volume use and require user confirmation before large searches or monitoring-style workflows.

ASI03: Identity and Privilege Abuse
Low
What this means

Anyone or any process with access to the saved key may be able to use the user's ReddGrow account quota or permissions.

Why it was flagged

The CLI requires and can persist a ReddGrow API key; this is expected for the service but is still account-level credential handling.

Skill content

reddgrow auth login <key>    # save API key (run once)

Recommendation

Use a dedicated ReddGrow API key, avoid exposing it in shared logs or prompts, and revoke or rotate it if the environment is no longer trusted.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing the package adds executable code to the local environment.

Why it was flagged

The skill depends on installing an external global npm package that creates the `reddgrow` executable; this is normal for a CLI skill but requires trusting that package source.

Skill content

npm install -g @reddgrow/cli

Recommendation

Install only from the expected package source, prefer a pinned/trusted version where possible, and review package provenance if using it in sensitive environments.