Discord Markdown

Security checks across malware telemetry and agentic risk

Overview

This is a Discord formatting helper that only provides Markdown instructions and templates; it does not run code, access accounts, or post messages automatically.

Safe to install as a formatting/reference helper. Before pasting generated text into Discord, review @everyone, @here, role mentions, masked links, and message length to avoid accidental broad notifications or unintended public content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description is broad enough that it may activate for many generic Discord-related requests, not just formatting tasks. Over-broad invocation can cause the agent to apply this skill in inappropriate contexts, potentially reshaping outputs or introducing Discord-specific constructs such as mentions, links, or markdown when the user did not intend that behavior.

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The skill teaches and exemplifies Discord mentions, including high-reach patterns like @everyone and role mentions, but does not warn about the disruptive impact of mass pings. In a message-generation context, that omission increases the chance the agent will produce content that triggers unwanted notifications across a server, creating social engineering, spam, or operational disruption risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal