discord-clawd
Pass
Audited by Gen Agent Trust Hub on May 27, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with a Discord relay by executing a local script `openclaw_relay.py` located within the `~/Projects/agent-scripts` directory. This script is used to resolve target aliases and relay messages to the Discord-backed agent.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external Discord messages, which constitutes a potential attack surface for indirect prompt injection where malicious instructions in external messages could influence agent behavior.
  - Ingestion points: Data enters the agent's context through the output of the `ask` command in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands provided in the skill's usage instructions.
  - Capability inventory: The skill has the ability to execute shell commands and access local project scripts.
  - Sanitization: The skill does not describe any sanitization or filtering of the incoming message content before it is processed by the agent.
Audit Metadata