ClawHub

Discord Hub Builder

v1.0.0

Build a complete Discord AI command center server from scratch using the Discord REST API. Use when a user wants to set up a professional Discord server for...

0· 268·1 current·1 all-time
by@calecorbett
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise (create a Discord AI command center) matches the contained script and runtime instructions. The script only calls the Discord API to create roles, categories, channels, post messages, and pin those messages—functionality expected for this purpose.
Instruction Scope
SKILL.md explicitly limits actions to creating roles, categories, channels, posting & pinning messages, and printing channel IDs. It documents required bot permissions and guild ID. The script does not read unrelated files or send data to external endpoints other than discord.com.
Install Mechanism
No installation/downloading is performed; this is an instruction-only skill with an included Python script. No external archive downloads or package installs are invoked.
Credentials
The skill requires a Discord bot token with Manage Channels/Roles/Messages and a guild ID—these are appropriate for the task. Minor mismatch: the registry metadata lists no required env vars, while SKILL.md/docs expect the user to supply the token and guild ID as CLI arguments; this is not malicious but is an operational detail the user should note.
Persistence & Privilege
The skill does not request always:true or claim permanent system presence. It runs when invoked and performs only Discord API calls using the supplied token. Autonomous invocation is allowed by platform default but not intrinsically problematic here.
Assessment
This skill appears to do exactly what it says, but take these precautions before running: 1) Provide only a bot token with the minimal permissions you can (it needs Manage Channels/Roles/Manage Messages to perform all actions). 2) Prefer not to pass the token on the command line on multi-user systems (CLI args can be visible via process listings); consider using an environment variable or an interactive prompt, and rotate the token if exposed. 3) Run the dry-run first to preview changes—the script can create duplicate channels if re-run. 4) Only run this against servers you control or have explicit permission to modify. 5) If you accidentally leak the token or suspect compromise, immediately revoke/rotate it in the Discord developer portal.

Like a lobster shell, security has layers — review code before you run it.

latestvk975gp626btq4x375mdvcx1cgh82gt0a

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments