discord-openapi-skill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit commands that embed a bot token as a literal CLI argument and Authorization header (e.g., --secret "YOUR_BOT_TOKEN_HERE" and Authorization=Bot {{secret}}), which requires the agent to handle or output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires network access to https://discord.com/api/v10 and instructs using the Discord OpenAPI (https://raw.githubusercontent.com/discord/discord-api-spec/...) and discord-openapi-cli commands (e.g., get:/guilds/{guild_id}/channels, post:/channels/{channel_id}/messages) with a Bot Token that can read channel messages and other user-generated content, so the agent will fetch and interpret untrusted third-party (user-generated) content as part of its workflow.