Skip to main content

reddit-api

Integrates Reddit data into applications using PRAW and Snoowrap for fetching posts, comments, and user data.

Install this skill

or
47/100

Security score

The reddit-api skill was audited on Jun 8, 2026 and we found 29 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 241

Template literal with variable interpolation in command context

SourceSKILL.md
241console.log(`${post.title} - ${post.score} upvotes`);
medium line 259

Template literal with variable interpolation in command context

SourceSKILL.md
259console.log(`${comment.author.name}: ${comment.body.slice(0, 100)}`);
medium line 378

Template literal with variable interpolation in command context

SourceSKILL.md
378const auth = Buffer.from(`${this.clientId}:${this.clientSecret}`).toString("base64");
medium line 383

Template literal with variable interpolation in command context

SourceSKILL.md
383Authorization: `Basic ${auth}`,
medium line 398

Template literal with variable interpolation in command context

SourceSKILL.md
398`https://oauth.reddit.com/r/${subreddit}/${sort}?limit=${limit}`,
medium line 401

Template literal with variable interpolation in command context

SourceSKILL.md
401Authorization: `Bearer ${this.accessToken}`,
low line 380

Fetch to external URL

SourceSKILL.md
380const response = await fetch("https://www.reddit.com/api/v1/access_token", {
low line 36

Access to .env file

SourceSKILL.md
36# .env
low line 85

Access to .env file

SourceSKILL.md
85env_file = ".env"
low line 222

Access to .env file

SourceSKILL.md
222clientId: process.env.REDDIT_CLIENT_ID!,
low line 223

Access to .env file

SourceSKILL.md
223clientSecret: process.env.REDDIT_CLIENT_SECRET!,
low line 224

Access to .env file

SourceSKILL.md
224username: process.env.REDDIT_USERNAME!,
low line 225

Access to .env file

SourceSKILL.md
225password: process.env.REDDIT_PASSWORD!,
low line 504

Access to .env file

SourceSKILL.md
504├── .env
low line 14

External URL reference

SourceSKILL.md
14**Sources:** [Reddit API Docs](https://www.reddit.com/dev/api/) | [OAuth2 Wiki](https://github.com/reddit-archive/reddit/wiki/oauth2) | [PRAW Docs](https://praw.readthedocs.io/)
low line 22

External URL reference

SourceSKILL.md
221. Go to https://www.reddit.com/prefs/apps
low line 30

External URL reference

SourceSKILL.md
30- **Redirect URI**: `http://localhost:8000/callback` (for dev)
low line 158

External URL reference

SourceSKILL.md
158url="https://example.com"
low line 275

External URL reference

SourceSKILL.md
275url: "https://example.com",
low line 309

External URL reference

SourceSKILL.md
309"https://www.reddit.com/api/v1/access_token",
low line 327

External URL reference

SourceSKILL.md
327f"https://oauth.reddit.com/r/{subreddit}/{sort}",
low line 380

External URL reference

SourceSKILL.md
380const response = await fetch("https://www.reddit.com/api/v1/access_token", {
low line 398

External URL reference

SourceSKILL.md
398`https://oauth.reddit.com/r/${subreddit}/${sort}?limit=${limit}`,
low line 430

External URL reference

SourceSKILL.md
430REDIRECT_URI = "http://localhost:8000/callback"
low line 438

External URL reference

SourceSKILL.md
438f"https://www.reddit.com/api/v1/authorize"
low line 457

External URL reference

SourceSKILL.md
457"https://www.reddit.com/api/v1/access_token",
low line 489

External URL reference

SourceSKILL.md
489Full list: https://www.reddit.com/api/v1/scopes
low line 585

External URL reference

SourceSKILL.md
585| Auth token | `POST https://www.reddit.com/api/v1/access_token` |
low line 586

External URL reference

SourceSKILL.md
586| API requests | `https://oauth.reddit.com/...` |
Scanned on Jun 8, 2026
View Security Dashboard
Installation guide →
GitHub Stars 691
Rate this skill
Categorymarketing
UpdatedJune 10, 2026
openclawapigrowth-marketerproduct-marketercontent-marketermarketing
alinaqi/maggy