discord-bot-architect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Standard Implementation (SAFE): The skill provides templates for Discord bots using
discord.jsandpy-cord. These templates follow established community patterns for command handling and event management. - Credential Security (SAFE): The code correctly demonstrates the use of environment variables (
process.env.DISCORD_TOKENandos.environ["DISCORD_TOKEN"]) and thedotenvlibrary to manage sensitive bot tokens, rather than hardcoding them. - Least Privilege (SAFE): The instructions recommend using minimal Gateway Intents and explicitly label privileged intents (Message Content, Members) as items to avoid unless necessary.
- Dynamic Loading (SAFE): While the bot uses dynamic loading for commands/cogs (
require()andload_extension()), it is performed on local file system paths within the bot's own directory structure, which is the standard architecture for these frameworks. - Input Handling (LOW): As a Discord bot architect skill, the resulting bots will ingest untrusted data from Discord users. The provided templates use high-level library abstractions (Slash Commands) which are generally more resistant to injection than legacy message-based commands.
Audit Metadata