discord-list-channels
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on curl and jq to fetch and organize data from the Discord API v10. These commands are used to perform GET requests and parse JSON responses, which is a standard approach for this functionality.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. Ingestion points: Data including channel names and topics are ingested from the Discord API endpoint /guilds/{GUILD_ID}/channels (SKILL.md). Boundary markers: There are no instructions to use delimiters or ignore embedded instructions when displaying or processing these fields. Capability inventory: The skill uses shell command execution via curl and jq (SKILL.md, examples.md). Sanitization: No validation or filtering is performed on the data retrieved from Discord before it is presented to the user or processed by the agent.
Audit Metadata