discord
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues or malicious patterns were detected in the skill instructions.
- [DATA_EXPOSURE]: The skill provides examples for sending media using local file paths (e.g.,
file:///tmp/example.png). This is a standard feature of the messaging tool for handling attachments and does not target sensitive system locations. - [CREDENTIALS_UNSAFE]: The skill correctly specifies the need for a Discord token via configuration metadata (
channels.discord.token) rather than hardcoding secrets. - [INDIRECT_PROMPT_INJECTION]: The skill implements tools to read external data from Discord channels through
readandsearchactions. This creates an ingestion point for untrusted data, which is a known surface for indirect prompt injection, although the skill itself does not contain any unsafe processing of this data.
Audit Metadata