add-discord

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the user to provide a Discord bot token and explicitly instructs placing it into .env (DISCORD_BOT_TOKEN=) and likely embedding it in commands or files, which requires the LLM to accept and output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill adds a Discord bot channel that ingests and acts on user-generated Discord messages (see Phase 3 "Create Discord Bot" which requires enabling Message Content Intent and Phase 5/"After Setup" which says the bot reads messages, attachments, and reply context), so untrusted third-party content will be read and can influence the agent's behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs git fetch/merge on the remote https://github.com/qwibitai/nanoclaw-discord.git during runtime to pull in source files (e.g., src/channels/discord.ts) that will be built and executed, thus injecting remote code that directly changes agent behavior.