discord
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `curl` to perform requests against the official Discord API endpoints. These commands are necessary for managing messages, channels, and roles as described in the skill documentation.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests untrusted data from an external source.
  - Ingestion points: Reads message content from Discord channels via the `/messages` API endpoint (referenced in `SKILL.md`).
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the retrieved message data.
  - Capability inventory: The skill can perform sensitive actions such as deleting messages, creating channels, and managing webhooks via `curl` (referenced in `SKILL.md`).
  - Sanitization: While data is structured using `jq`, the raw message content is not sanitized or escaped to prevent the agent from obeying instructions hidden within the external data.
Audit Metadata