discord-bot-architect
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill architecture includes data ingestion points from Discord interactions (slash commands, modals, and messages) which are processed by the bot. This creates a surface for indirect prompt injection.
- Ingestion points: Interaction handlers in 'src/events/interactionCreate.js' and 'main.py'.
- Boundary markers: Not explicitly implemented in the basic templates.
- Capability inventory: The templates demonstrate network interaction via the Discord API and provide placeholders for LLM integration.
- Sanitization: The documentation recommends using structured slash commands and components over raw message parsing to reduce risk.
- [SAFE]: The skill provides strong security education, explicitly instructing users on how to protect bot tokens using environment variables and '.gitignore' files. It also correctly warns against over-requesting privileged gateway intents.
Audit Metadata