Skills
skills/steipete/agent-scripts/discord-clawd/Gen Agent Trust Hub

discord-clawd

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to execute local Python scripts located in the user's Projects directory using shell commands such as python3 skills/openclaw-relay/scripts/openclaw_relay.py.
  • [PROMPT_INJECTION]: The skill acts as a message proxy, creating an indirect prompt injection surface.
  • Ingestion points: User-provided message content is ingested and passed to the relay script via the --message argument.
  • Boundary markers: No delimiters or ignore-instructions markers are used to encapsulate the user-provided content.
  • Capability inventory: The skill utilizes shell command execution via Python.
  • Sanitization: There are no instructions for the agent to sanitize or escape user input before it is interpolated into the shell command string.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 06:37 AM