Pain Point Finder
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a purpose-aligned Reddit research tool, though it contacts PullPush and has a version mismatch users should verify.
This skill looks reasonable for public Reddit research. Before installing, verify the version mismatch and avoid entering sensitive internal terms as search queries, since the tool sends them to the PullPush API. The displayed main script content was truncated in the supplied artifacts, so confidence is medium rather than high.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your domain keywords, subreddit choices, and post IDs may be sent to PullPush while researching Reddit pain points.
The skill makes external HTTPS requests to PullPush. This is disclosed and necessary for the stated Reddit research purpose, but it means user-provided search terms and targets leave the local environment.
const PULLPUSH_HOST = 'api.pullpush.io'; ... const req = https.get({
hostname: PULLPUSH_HOST,Avoid using confidential internal project names or sensitive search terms unless you are comfortable sending them to PullPush.
It may be unclear which exact version of the skill is being installed or reviewed.
The registry metadata reports version 1.0.0, while supplied files such as package.json and .clawhub/origin.json report 2.0.0. This is a provenance/version-coherence issue, not evidence of malicious behavior.
Version: 1.0.0
Verify the package version and source before installing, especially if you rely on reproducible reviews or pinned versions.