Skills
skills/himself65/finance-skills/discord-reader/Gen Agent Trust Hub

discord-reader

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (the !command syntax) in SKILL.md to execute a shell command chain at load time to check for the presence and status of the opencli tool.
  • [EXTERNAL_DOWNLOADS]: The skill directs the user to install the @jackwener/opencli package globally via npm. This package originates from an unverified third-party account rather than a known or trusted organization.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process data from Discord, which constitutes untrusted external content.
  • Ingestion points: Discord data enters the agent context via the output of opencli discord-app read and opencli discord-app search commands.
  • Boundary markers: The prompt instructions lack explicit delimiters or instructions to treat the ingested Discord content as untrusted data.
  • Capability inventory: The skill environment allows for shell command execution and package installation.
  • Sanitization: There is no mechanism described for sanitizing or filtering the content retrieved from Discord before it is used to inform agent decisions or outputs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 27, 2026, 04:36 AM