Discord History Reader
Warn
Audited by ClawScan on May 18, 2026.
Overview
This skill is transparent about what it does, but it asks the agent to store and use a Discord bot token to bypass normal OpenClaw message visibility and read Discord history directly.
Install only if you intentionally want the agent to read Discord history via a bot token outside normal OpenClaw session visibility. Use a dedicated low-permission bot, restrict it to specific channels, require explicit user approval for each channel or thread read, and avoid storing broad Discord credentials in persistent agent-readable files unless you accept the risk.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could read Discord channels or threads that are not visible in the current OpenClaw session, exposing conversation history if used too broadly.
The skill is designed to use direct Discord API calls to access message history outside the normal OpenClaw session boundary.
"bypassing OpenClaw's session-based message visibility ... fetch historical context from a conversation you weren't part of"
Require explicit user-provided channel or thread IDs for each request, add channel allowlists and confirmations, and avoid broad pagination unless the user clearly approves it.
If the token is exposed or misused, the agent or anyone with access to the file could read or potentially write in Discord channels where the bot has permissions.
The artifact asks users to make a powerful Discord bot credential directly available to the agent, including authority beyond read-only message fetching.
"Store the Discord bot token in a separate file accessible to the agent ... The bot token grants read/write access to all channels the bot is in"
Use a separate least-privilege bot restricted to only the needed channels, avoid duplicating protected tokens into agent-readable files when possible, and rotate the token if it has been exposed.
The agent may see sensitive Discord content and could be influenced by instructions embedded in old messages if they are not treated as untrusted data.
Fetched Discord messages become agent context and may include private information or adversarial instructions from people other than the user.
"Each message object contains: content — message text ... author.username ... timestamp"
Treat fetched Discord messages as untrusted reference material, do not follow instructions contained in them, and only retrieve the minimum history needed for the task.
