Safety Report

Reddit Search

Name: Reddit Search
Rating: 5 (3 reviews)
Author: TheSethRose

@TheSethRose

Search Reddit for subreddits and get information about them.

2,588Downloads

19Installs

3Stars

3Versions

Search & Retrieval2,116

Security Analysis

high confidence

Clean

The skill is internally consistent: it runs a local Node CLI that queries Reddit's public JSON endpoints, requires no credentials or unusual privileges, and its instructions match the code.

Feb 11, 20264 files

Purpose & Capabilityok

Name/description (search Reddit and get subreddit info) match the included CLI script. Required binaries (node, npx) and dependency on axios are appropriate for a Node-based HTTP client tool. Nothing requested that is unrelated to Reddit querying.

Instruction Scopeok

SKILL.md instructs running the provided script with specific commands and arguments. The script only performs HTTPS GETs to reddit.com JSON endpoints and prints results; it does not read arbitrary filesystem paths, environment variables, or send data to unexpected external endpoints.

Install Mechanismok

There is no install spec (instruction-only), which is lowest-risk. Package.json and package-lock.json are present but no automatic install is requested—this means the runtime must have node (and dependencies installed) for the script to run; from a security perspective there is no remote download/extract behavior to review.

Credentialsok

The skill requests no environment variables or credentials and does not access any config paths. That is proportionate to a public-API Reddit search tool.

Persistence & Privilegeok

The skill is not 'always' enabled and makes no changes to other skills or system-wide config. It only runs as an invoked CLI script and does not persist credentials or alter agent configuration.

Guidance

This skill appears to do exactly what it says: a small Node CLI that queries Reddit's public JSON endpoints and prints results. It requires node (and the axios dependency) to be available; because there is no install step included, make sure dependencies are installed (npm install) before running. It does not request secrets or access files beyond the script. As always, only run code from sources you trust — you can inspect scripts/reddit-search.ts yourself (it is short and readable) to confirm there's no unexpected network endpoint or behavior before installing or allowing autonomous invocation.

Latest Release

v1.0.2

Added .gitignore, removed unnecessary .env.example

More by @TheSethRose

Agent Browser

412 stars

Vercel Platform

16 stars

Context7 MCP

11 stars

Therapy Mode

10 stars

Notebook

7 stars

Pi Admin

3 stars

Published by @TheSethRose on ClawHub