Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Discord AI Dispatcher
v1.7.8
Routes Discord notifications with a two-tier system using hardcoded rules and local AI, supports message updates to reduce clutter, and optimizes resource use.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (Discord dispatcher) aligns with the instructions: the SKILL.md repeatedly references routing by ID prefix, local state files, webhook config, deduplication, and updating messages rather than posting new ones. Storing webhook URLs in config/webhooks.json and reading dispatcher.log/last-seen-ids.json is coherent for this purpose. However, the skill also describes re-initializing state from an external API/DB and performing audits without declaring any required credentials or how the agent should authenticate, which is an inconsistency.
Instruction Scope
The runtime instructions explicitly tell the agent to read and modify local files (config/webhooks.json, dispatcher.log, last-seen-ids.json, polling-state.json), delete corrupted state files, bypass deduplication in 'heal mode', and force-inject historical alerts. Those are powerful and potentially destructive actions. The guidance to automatically delete corrupted JSON and re-sync a 24-hour backlog may cause unexpected mass re-sends of potentially sensitive data and should require explicit user consent and clear limits.
Install Mechanism
No install spec or code is included — this is instruction-only, so nothing is written to disk by an installer. That limits supply-chain risk; the skill will rely on the agent's environment and whatever scripts the user runs.
Credentials
The skill declares no required environment variables or primary credential, yet it depends on local webhook secrets (config/webhooks.json) and on access to source APIs/DBs for re-initialization and audit. This mismatch means the instructions expect access to sensitive credentials/config without declaring them or requiring safeguards. The healing/force-delivery behavior could resend sensitive historical payloads to webhooks, potentially leaking data if webhooks point to external systems.
Persistence & Privilege
The skill is not marked always:true and does not request persistent platform-level privileges. However, the instructions advocate periodic audits, automatic recovery that deletes and re-initializes state files, and a healing queue that bypasses normal checks — behaviors that modify local state and can have long-lived effects. Those operations are permitted by instruction-only skills but deserve cautious access controls.
What to consider before installing
This skill is plausible for a Discord/webhook dispatcher, but it instructs the agent to read and modify local state files, store and use webhook secrets from config/webhooks.json, automatically delete corrupted state files, and force-replay historical alerts. Before installing or using it:
1) Review and back up your existing state files (last-seen-ids.json, polling-state.json, dispatcher.log).
2) Inspect config/webhooks.json and ensure webhook endpoints are correct and limited in scope; treat those URLs as secrets.
3) Require explicit confirmation for destructive actions (file deletion, state resets, bypassing deduplication) and limit automatic 'heal' re-sends to a small test set.
4) Run the skill in a sandbox or test environment first to observe re-sync behavior and to ensure no unintended data leakage occurs.
5) If the skill needs DB/API access, supply credentials via a controlled mechanism and do not allow broad filesystem access to avoid exposing other sensitive files.
If you want, provide the config layout and where the skill will run and I can point out exact lines/instructions that will perform each risky action.
Like a lobster shell, security has layers — review code before you run it.
