The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The skill uses the discord auth --save command to automatically extract Discord authentication tokens from the local filesystem or browser processes. This targets sensitive session data stored by the Discord desktop application and web browsers to facilitate access.
[EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the kabi-discord-cli package from a public registry. This external dependency is responsible for performing sensitive operations, including the extraction of user credentials and interaction with the Discord API.
[COMMAND_EXECUTION]: The skill relies on executing the discord CLI utility with various arguments to manage local data synchronization and query external APIs, which provides the agent with broad execution capabilities on the host system.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted content from Discord messages.
Ingestion points: Message history, search results, and recent activity retrieved via the discord tool as described in SKILL.md.
Boundary markers: No delimiters or warnings are used to distinguish message content from agent instructions.
Capability inventory: The agent can execute shell commands using the discord CLI as outlined in references/commands.md.
Sanitization: No sanitization, escaping, or filtering of external message content is mentioned prior to processing or presentation.

discord