discord-chat-summary
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Potential for indirect prompt injection via Discord chat logs processed by the skill.\n
- Ingestion points: Untrusted message data is read directly from
messages.mdfiles located in the./data/directory (Step 4).\n - Boundary markers: Absent. The instructions lack specifications for delimiters or 'ignore instructions' warnings when reading the message content, allowing data to be interpreted as instructions.\n
- Capability inventory: The skill possesses the capability to execute local Python tools (
discord_status.py,discord_manifest.py,persona_status.py) and perform file system reads.\n - Sanitization: Absent. There is no evidence of sanitization, validation, or escaping of the chat content before it is incorporated into the agent's context for summarization.
Audit Metadata