discord-webhook
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The skill is designed to transmit data to an external service (discord.com). It explicitly demonstrates the ability to read and upload local files (e.g.,
curl -F "file1=@error.log"), which creates a surface for exfiltrating sensitive local data if an attacker can influence the file paths used by the agent. - [COMMAND_EXECUTION] (LOW): The skill uses
curland suggests wrapping commands inbash -cto manage environment variables. This introduces a risk of command injection if the agent interpolates untrusted user content directly into the shell string without proper sanitization. - [PROMPT_INJECTION] (LOW): As a tool for processing and forwarding data (logs, messages), it is vulnerable to Indirect Prompt Injection (Category 8).
- Ingestion points: Data for the
contentandembedsfields, as well as filenames for attachments, are sourced from the agent's context or user input (SKILL.md). - Boundary markers: Absent. The skill does not provide instructions to the agent to treat the data as untrusted or to ignore embedded instructions.
- Capability inventory:
curl(network access, file reading via@),bash -c(shell execution). - Sanitization: Absent. There is no logic provided to escape or validate inputs before they are included in the shell commands or JSON payloads.
Audit Metadata