discord-chat
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, code execution, or obfuscation were detected. The skill consists entirely of markdown instructions for using a pre-defined Discord message tool.
- [DATA_EXPOSURE]: The skill describes how to handle Discord bot tokens and correctly advises users to use environment variables and keep tokens secret, rather than hardcoding them into configuration files.
- [INDIRECT_PROMPT_INJECTION]: The skill enables the agent to read and search Discord messages, which creates a surface for indirect prompt injection from external users.
- Ingestion points: Message reading and searching actions are detailed in SKILL.md and SEARCH.md.
- Boundary markers: The instructions do not define delimiters or specific 'ignore instructions' warnings for content retrieved from Discord.
- Capability inventory: The skill provides extensive capabilities including message manipulation (send/edit/delete) and channel management (creation/deletion/permissions).
- Sanitization: There is no documentation regarding the sanitization or validation of untrusted data received from the Discord API.
Audit Metadata