discord-bot-architect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- CREDENTIALS_UNSAFE (SAFE): The skill correctly demonstrates using environment variables for sensitive Discord tokens (process.env.DISCORD_TOKEN and os.environ) and includes explicit warnings against hardcoding credentials in its 'Sharp Edges' section.
- COMMAND_EXECUTION (LOW): The provided code templates use standard framework patterns for dynamic module loading (require in Node.js and load_extension in Python) to discover bot commands from local directories. While this involves dynamic execution, it is restricted to local paths and represents the canonical modular architecture for these libraries.
- PROMPT_INJECTION (SAFE): No malicious override instructions or bypass attempts were detected. The phrase 'Acknowledge immediately' in the documentation refers to technical requirements for Discord interaction response times (deferring) rather than an attempt to manipulate the AI agent's behavior.
Audit Metadata