Reddit (read only - no auth)

Browse and search Reddit in read-only mode using public JSON endpoints. Use when the user asks to browse subreddits, search for posts by topic, inspect comment threads, or build a shortlist of links to review and reply to manually.

This skill appears to do what it says (read-only Reddit browsing) and requires only Node. Before installing: (1) confirm you run Node 18+ (the script uses the global fetch API); (2) review that you're comfortable running a local Node script that makes outbound HTTP(S) requests — the code will fetch any full URL if passed one, which could reach internal services if an input is malicious or misused; (3) there are no secrets requested and it does not post or modify Reddit content, but run it in a sandbox or with network controls if you’re concerned about arbitrary-host fetching; (4) if you want the skill to be stricter, ask the author to restrict buildUrl to reddit.com only and to state the Node version requirement in SKILL.md.

Type: OpenClaw Skill Name: reddit-read-only Version: 1.0.0 The OpenClaw skill bundle is benign. The `SKILL.md` clearly states its read-only purpose and provides agent instructions that align with responsible usage, without any prompt injection attempts to subvert the agent. The `scripts/reddit-readonly.mjs` script exclusively interacts with `https://www.reddit.com` and reads only specific environment variables (`REDDIT_RO_MIN_DELAY_MS`, `REDDIT_RO_MAX_DELAY_MS`, `REDDIT_RO_TIMEOUT_MS`, `REDDIT_RO_USER_AGENT`) related to its own rate-limiting and user-agent configuration, not sensitive system credentials. There is no evidence of data exfiltration, malicious execution, persistence, or obfuscation.