discord
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlandjqto interact with Discord's REST API. Commands are executed locally to manage messages, channels, and server metadata. - [DATA_EXFILTRATION]: The skill sends data to
discord.com, which is a well-known and legitimate service. This includes sending message content, creating webhooks, and modifying server configurations as part of its primary purpose. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from an external source.
- Ingestion points: Untrusted data enters the agent context through the 'Get Channel Messages' and 'Get Specific Message' functions in
SKILL.mdwhich fetch external content via API. - Boundary markers: The instructions lack delimiters or explicit warnings to the agent to ignore instructions embedded within the fetched message content.
- Capability inventory: The skill provides significant capabilities in
SKILL.mdincluding sending/deleting messages, creating webhooks, and creating channels which could be abused if the agent obeys instructions found in fetched messages. - Sanitization: There is no evidence of sanitization or filtering applied to the content retrieved from Discord before it is processed by the agent.
Audit Metadata