add-discord

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the creation of a Discord bot that ingests untrusted data from external users, which constitutes an indirect prompt injection surface. This risk is acknowledged and addressed in the instructions through a comprehensive 'Security Lockdown' section which guides the user to use private channels and Discord role permissions to restrict access to the bot.
  • Ingestion points: Discord channel messages via discord.js (referenced in Phase 1 and 3).
  • Boundary markers: None specified in instructions, but channel privacy is used as a functional boundary.
  • Capability inventory: Access to Bash, Read, Edit, Write, and local SQLite database.
  • Sanitization: Relies on Discord platform permissions (Private Channels, Role Permissions) to limit the input source to authorized users.
  • [COMMAND_EXECUTION]: Employs standard local shell commands (ls, grep, mkdir) and database operations (sqlite3) to verify the environment and persist configuration settings. These commands are used for installation and maintenance tasks and do not involve remote code execution or suspicious privilege escalation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 07:00 AM
Security Audit — agent-trust-hub — add-discord