discord
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: Ingestion points: The skill reads external data via the read and search actions (SKILL.md). Boundary markers: None specified to delimit untrusted Discord content. Capability inventory: The agent can send messages, reactions, and files via the message tool (SKILL.md). Sanitization: No explicit sanitization or filtering of Discord content is mentioned.
- [DATA_EXFILTRATION]: The skill documents the use of the media field with the file:/// protocol in the message tool (SKILL.md). This allows the agent to access and send local files to an external Discord channel. While this is a functional requirement, it creates a risk of sensitive file exposure if the agent's file system permissions are not restricted.
Audit Metadata