discord-manage-channel
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
curlcommands to interact with the Discord API v10. This is the primary intended functionality of the skill and is directed at a well-known service domain (discord.com). - [DATA_EXFILTRATION]: Authentication is managed through the
DISCORD_BOT_TOKENenvironment variable, which is a standard and secure practice for managing bot credentials without hardcoding them. - [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection as it ingests user-provided data for channel names and topics.
- Ingestion points: User requests for
name,topic, andpermission_overwritesprocessed inSKILL.md. - Boundary markers: Absent.
- Capability inventory: Execution of
curlrequests to external API endpoints (SKILL.md,examples.md). - Sanitization: Includes length and character set validation rules in
SKILL.md, though it does not explicitly filter for embedded instructions. - [SAFE]: The skill explicitly instructs the agent to require human confirmation before performing destructive operations like channel deletion, which mitigates the risk of accidental data loss.
Audit Metadata