Skills
skills/gooseworks-ai/goose-skills/reddit-post-finder/Gen Agent Trust Hub

reddit-post-finder

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted Reddit data, which establishes a surface for indirect prompt injection.
  • Ingestion points: The run_apify_actor function in scripts/search_reddit.py retrieves results from Apify datasets.
  • Boundary markers: There are no explicit markers or instructions to isolate external data from the agent's instructions.
  • Capability inventory: The skill can make network requests but cannot write to the file system or execute arbitrary shell commands.
  • Sanitization: No sanitization is performed on the data fetched from Reddit.
  • [DATA_EXFILTRATION]: The skill performs network operations using the requests library to connect to the Apify API (api.apify.com) and the vendor's proxy (api.gooseworks.ai), which are recognized services.
  • [COMMAND_EXECUTION]: The skill documentation provides instructions for running a Python-based CLI tool to manage search queries and filters.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:48 AM