discord-send-message
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute
curlcommands. These commands dynamically incorporate user-supplied parameters, specifically the Discord channel ID and the message content, to perform POST requests. - [EXTERNAL_DOWNLOADS]: The skill initiates network requests to
discord.com, which is a well-known and established service. These requests are used for the primary purpose of sending messages to the Discord API. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it handles external data.
- Ingestion points: Untrusted data enters the agent context through user-provided message content and channel IDs in
SKILL.md. - Boundary markers: There are no explicit instructions for the agent to use delimiters or boundary markers when interpolating user data into the
curlpayload. - Capability inventory: The skill uses
curlcommand execution across its primary instructions and multiple examples inexamples.md. - Sanitization: While the skill suggests validating that the channel ID is numeric and the message is not empty, it lacks specific sanitization or escaping instructions to prevent the user-provided message content from interfering with the shell command structure (e.g., escaping single quotes).
Audit Metadata