discord-bot-architect

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): The skill uses dynamic loading patterns to register commands and cogs. In the Node.js example, it uses fs.readdirSync and require(filePath) to load modules from the ./commands and ./events directories. In the Python example, it uses os.listdir and bot.load_extension to load modules from ./cogs. While these are standard patterns in bot development, they involve executing code from computed filesystem paths.
  • [Indirect Prompt Injection] (LOW): The templates provide ingestion points for untrusted data through Discord interactions and slash command options (e.g., the msg parameter in the greet command).
      • Ingestion points: interaction object (src/index.js) and ctx: discord.ApplicationContext (main.py).
      • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the user-provided strings.
      • Capability inventory: The provided code examples are restricted to display/response actions (interaction.reply, ctx.respond), placing them in the LOW capability tier.
      • Sanitization: The templates do not include logic to escape or sanitize the msg or message inputs before they are interpolated into responses.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 09:14 AM