agent-discordbot
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted content from Discord channels.
- Ingestion points: Untrusted data enters the agent context through commands like
message list,message get,message replies, andsnapshotwhich retrieve content from Discord API (SKILL.md). - Boundary markers: The skill instructions lack explicit delimiters or "ignore embedded instructions" warnings for handling retrieved message content.
- Capability inventory: The agent has access to sensitive capabilities including file reading/uploading via
agent-discordbot file uploadand network transmission viaagent-discordbot message send(SKILL.md). - Sanitization: No sanitization, escaping, or validation logic for external Discord content is described in the skill configuration.
Audit Metadata