discord-init
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection via external Discord server data (Category 8). 1. Ingestion points: Fetches server lists and names through the Discord API via discord_init.py. 2. Boundary markers: Absent; the agent is not instructed to treat server names as untrusted content. 3. Capability inventory: Includes local Python script execution and writing configuration to agents.yaml. 4. Sanitization: No sanitization of server metadata is performed.
- CREDENTIALS_UNSAFE (LOW): Accesses and stores sensitive user credentials (Category 2). The skill directs users to provide a DISCORD_USER_TOKEN in a .env file. User tokens grant full account access and are sensitive. Severity is lowered to LOW because this is necessary for the skill's primary stated purpose.
- COMMAND_EXECUTION (SAFE): Executes a local script discord_init.py as part of the setup process. This is the expected behavior for a configuration wizard.
Audit Metadata