ClawHub

Discord Hub Builder

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says by building a Discord server structure, but it uses a powerful bot token and users must manually verify channel permissions afterward.

Install only if you intend to let a dedicated Discord bot modify the target server. Run the dry run first, confirm the guild ID, avoid passing real tokens in shared shells or logs, and manually verify owner-only, readonly, and personal channel permissions before using the created channels for sensitive content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill clearly performs outbound network actions against the Discord REST API and requires a bot token, yet the skill metadata does not declare permissions or explicitly scope that capability. This undermines permission transparency and can cause users or execution frameworks to grant or invoke networked behavior without an accurate manifest of what the skill will do.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill metadata promises roles, permissions, and owner/reviewer/readonly behavior, but the script only creates roles and channels and never applies permission overwrites. This creates a security mismatch: channels described as owner-only or read-only will inherit default guild permissions, potentially exposing sensitive agent outputs or allowing unauthorized posting if the server defaults are permissive.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script performs destructive live changes to a Discord guild immediately when invoked with a token and guild ID, creating roles, categories, channels, messages, and pins without any interactive confirmation or safeguard. In the context of an agent skill that can be triggered programmatically, this increases the risk of accidental or unauthorized server modification from a mis-scoped request, wrong guild ID, or unintended automation path.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal