discord-bot-architect
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- Dynamic Execution (MEDIUM): The skill implements dynamic loading of scripts from local directories to register bot commands and events.
  * Evidence: `require(filePath)` in `src/index.js` and `bot.load_extension()` in `main.py`.
  * Risk: Relies on the integrity of the local filesystem; unauthorized file placement in these directories leads to arbitrary code execution within the bot process.
- Indirect Prompt Injection (MEDIUM): The templates provided for bot creation ingest untrusted user data without sanitization or boundary markers.
  * Ingestion points: `interaction` objects in Discord.js (`src/index.js`) and `discord.Option` inputs in Pycord (`main.py`).
  * Boundary markers: None. The templates do not use delimiters or instructions to prevent the bot from obeying instructions embedded in user messages.
  * Capability inventory: Templates include the ability to respond to interactions and send messages to Discord channels.
  * Sanitization: None. Input is directly interpolated into responses, e.g., `await ctx.respond(f"{user.mention}, {msg}")`.
Audit Metadata