Skip to main content

reddit-api

Integrates Reddit data into applications using PRAW and Snoowrap for fetching posts, comments, and user data.

Install this skill

or
47/100

Security score

The reddit-api skill was audited on Feb 12, 2026 and we found 29 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 239

Template literal with variable interpolation in command context

SourceSKILL.md
239console.log(`${post.title} - ${post.score} upvotes`);
medium line 257

Template literal with variable interpolation in command context

SourceSKILL.md
257console.log(`${comment.author.name}: ${comment.body.slice(0, 100)}`);
medium line 376

Template literal with variable interpolation in command context

SourceSKILL.md
376const auth = Buffer.from(`${this.clientId}:${this.clientSecret}`).toString("base64");
medium line 381

Template literal with variable interpolation in command context

SourceSKILL.md
381Authorization: `Basic ${auth}`,
medium line 396

Template literal with variable interpolation in command context

SourceSKILL.md
396`https://oauth.reddit.com/r/${subreddit}/${sort}?limit=${limit}`,
medium line 399

Template literal with variable interpolation in command context

SourceSKILL.md
399Authorization: `Bearer ${this.accessToken}`,
low line 378

Fetch to external URL

SourceSKILL.md
378const response = await fetch("https://www.reddit.com/api/v1/access_token", {
low line 34

Access to .env file

SourceSKILL.md
34# .env
low line 83

Access to .env file

SourceSKILL.md
83env_file = ".env"
low line 220

Access to .env file

SourceSKILL.md
220clientId: process.env.REDDIT_CLIENT_ID!,
low line 221

Access to .env file

SourceSKILL.md
221clientSecret: process.env.REDDIT_CLIENT_SECRET!,
low line 222

Access to .env file

SourceSKILL.md
222username: process.env.REDDIT_USERNAME!,
low line 223

Access to .env file

SourceSKILL.md
223password: process.env.REDDIT_PASSWORD!,
low line 502

Access to .env file

SourceSKILL.md
502├── .env
low line 12

External URL reference

SourceSKILL.md
12**Sources:** [Reddit API Docs](https://www.reddit.com/dev/api/) | [OAuth2 Wiki](https://github.com/reddit-archive/reddit/wiki/oauth2) | [PRAW Docs](https://praw.readthedocs.io/)
low line 20

External URL reference

SourceSKILL.md
201. Go to https://www.reddit.com/prefs/apps
low line 28

External URL reference

SourceSKILL.md
28- **Redirect URI**: `http://localhost:8000/callback` (for dev)
low line 156

External URL reference

SourceSKILL.md
156url="https://example.com"
low line 273

External URL reference

SourceSKILL.md
273url: "https://example.com",
low line 307

External URL reference

SourceSKILL.md
307"https://www.reddit.com/api/v1/access_token",
low line 325

External URL reference

SourceSKILL.md
325f"https://oauth.reddit.com/r/{subreddit}/{sort}",
low line 378

External URL reference

SourceSKILL.md
378const response = await fetch("https://www.reddit.com/api/v1/access_token", {
low line 396

External URL reference

SourceSKILL.md
396`https://oauth.reddit.com/r/${subreddit}/${sort}?limit=${limit}`,
low line 428

External URL reference

SourceSKILL.md
428REDIRECT_URI = "http://localhost:8000/callback"
low line 436

External URL reference

SourceSKILL.md
436f"https://www.reddit.com/api/v1/authorize"
low line 455

External URL reference

SourceSKILL.md
455"https://www.reddit.com/api/v1/access_token",
low line 487

External URL reference

SourceSKILL.md
487Full list: https://www.reddit.com/api/v1/scopes
low line 583

External URL reference

SourceSKILL.md
583| Auth token | `POST https://www.reddit.com/api/v1/access_token` |
low line 584

External URL reference

SourceSKILL.md
584| API requests | `https://oauth.reddit.com/...` |
Scanned on Feb 12, 2026
View Security Dashboard
Installation guide →
GitHub Stars 55
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawclaude-codecursorwindsurfclineroo-codeampcodexgoosetraeopencodevibemanusantigravitygemini-cliapibackendcross-platformdata-engineerbackend-developerproduct-managerdevelopmentproduct
NeverSight/skills_feed