discord-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists exclusively of markdown documentation and YAML metadata. It does not include scripts, binaries, or other executable files.
- [EXTERNAL_DOWNLOADS]: The skill references an external MCP server endpoint at https://rube.app/mcp. This is a standard configuration reference for the Rube MCP service and does not constitute an untrusted remote code download.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill workflows involve reading untrusted data from Discord (e.g., via DISCORDBOT_LIST_MESSAGES), which could contain adversarial instructions. 1. Ingestion points: Discord messages and channel data retrieved in the SKILL.md workflows. 2. Boundary markers: None specified in the documentation. 3. Capability inventory: The skill defines access to Discordbot toolkits for managing messages, roles, and webhooks. 4. Sanitization: No sanitization or filtering of incoming Discord content is described in the skill instructions.
Audit Metadata