ClawHub

Discord Context

v0.1.1

Sync and cache per-thread context for Discord Forum channels. Use when handling /discord-context commands to poll active threads, list cached context, inspec...

0· 896·1 current·1 all-time
by@demitrim
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description ask for syncing Discord forum threads; the package requires node and a DISCORD_TOKEN and includes a CLI that calls Discord's API and writes cache files under an explicit workspace memory directory — these requirements match the stated purpose.
Instruction Scope
SKILL.md instructs running the included CLI and documents required env vars; the CLI only reads/writes files under the workspace 'memory/' tree, enumerates .md files there to match thread names, and calls only Discord API endpoints. There are no instructions to read unrelated system files or to send data to third-party endpoints beyond discord.com.
Install Mechanism
There is no install script or external download; the skill is instruction-only with bundled scripts. It relies on a local node binary, which is reasonable for a Node-based CLI.
Credentials
Only DISCORD_TOKEN is required for polling (plus optional DISCORD_GUILD_ID, DISCORD_FORUM_CHANNEL_ID, and OPENCLAW_WORKSPACE). These env vars are appropriate for a Discord integration and are limited in scope.
Persistence & Privilege
The skill does not request 'always' presence, does not modify other skills or global agent settings, and stores data under its own workspace memory path. It does not request elevated platform privileges.
Assessment
This skill appears to do what it says, but review and follow these precautions before installing: 1) Run the skill with a bot token that has minimal permissions (limit to the forum channel and read access). 2) Store DISCORD_TOKEN in a secrets store or environment variable — never commit it. 3) The CLI will read any .md files under the configured workspace/memory directory to match thread names, so ensure you don't keep sensitive secrets there. 4) Confirm your Node runtime supports global fetch (Node 18+) or run with an appropriate Node version. 5) Audit workspace files and the cache directory periodically and rotate tokens if you stop using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk970q8dyevjy79n0nbvzraexf981ap3s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode
EnvDISCORD_TOKEN

Comments