discord
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists solely of markdown documentation and JSON examples for tool interactions. It does not include any executable scripts, binary components, or network-borne code payloads.
- [PROMPT_INJECTION]: The skill enables the agent to read external content from Discord channels, creating a surface for indirect prompt injection where malicious instructions could be embedded in user messages.
- Ingestion points: Untrusted data enters the agent context via the 'read' and 'search' actions defined in
SKILL.md. - Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for the retrieved content.
- Capability inventory: The skill allows the agent to send messages, create threads, react to messages, and update presence, as well as attach local files via the 'media' parameter.
- Sanitization: The skill instructions do not specify any sanitization or validation of retrieved message data, relying on the underlying agent's core tool safety layers.
Audit Metadata