discord

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

The code fragment is coherent with its purpose of enabling Discord bot capabilities within Alma. It exhibits some typical supply-chain and runtime risk patterns (plaintext token in docs/Examples, local API exposure, file path handling). The overall risk is moderate and primarily concerns credential management and local service trust boundaries. It would be considered BENIGN if properly secured (secret management, restricted API exposure, validated inputs). However, due to plaintext token exposure guidance and localhost-based endpoints, I classify this as SUSPICIOUS rather than fully benign until mitigations are verified.

Confidence: 75%Severity: 75%
Audit Metadata
Analyzed At
Mar 18, 2026, 11:17 PM
Package URL
pkg:socket/skills-sh/ninehills%2Fskills%2Fdiscord%2F@a081f34fc8f3630782e6b6d4cfb03c260a113e17
Security Audit — socket — discord