Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Discord
v1.0.2Control Discord via Clawdbot to send messages, react, post stickers/emojis, run polls, manage threads/pins/search, fetch info, and moderate channels or DMs.
⭐ 1· 175·0 current·0 all-time
by@fresh3
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md consistently describes Discord management capabilities (messages, reactions, uploads, polls, moderation). However, it implicitly depends on a pre-configured 'discord' tool and a Clawdbot bot token while the skill metadata declares no required binaries, config paths, or credentials. That mismatch (implicit credential/tool assumption not declared) is an inconsistency.
Instruction Scope
Runtime instructions allow reading local files via file:/// (for media/emoji/sticker uploads) and performing sensitive Discord operations (readMessages, searchMessages, memberInfo, role changes, moderation). Reading arbitrary local files and uploading them to Discord is explicitly supported and could be used to exfiltrate sensitive local data if misused. The instructions otherwise stay within Discord-related actions and don't instruct reading unrelated system files or env vars, but the local-file upload capability and broad message/member access are notable risks.
Install Mechanism
There is no install spec and no code files; the skill is instruction-only. That minimizes on-disk installation risk. The SKILL.md assumes an existing 'discord' tool/environment but does not install anything itself.
Credentials
The skill does not declare any required environment variables or primary credential, yet the documentation explicitly says it uses 'the bot token configured for Clawdbot.' Relying on an undeclared bot token (or other agent configuration) is a proportionality and transparency issue: users may not realize the skill needs access to the bot token or other service credentials to function.
Persistence & Privilege
The skill does not request permanent/always-on inclusion and uses the default agent-invocation model. That is normal. However, because the skill can perform privileged Discord operations (moderation, role changes) — even though those groups default to disabled — allowing autonomous invocation without explicit restrictions increases blast radius if the agent is granted those permissions.
What to consider before installing
This instruction-only Discord skill appears to do what it claims, but there are important surprises to be aware of: it implicitly expects a pre-configured 'Clawdbot' bot token and a 'discord' tool on the agent even though no credentials or binaries are declared; it allows uploading local files (file:/// paths), which will read and transmit files from the agent host to Discord; and it supports powerful moderation and role-change actions (disabled by default) that require high privileges. Before installing: 1) confirm where the Clawdbot token is stored and whether you are willing to expose it to this skill; 2) limit the bot's permission scope on Discord (least privilege) and keep moderation/roles disabled unless explicitly needed; 3) restrict or audit the agent's filesystem access if you do not want arbitrary local files uploaded; 4) test in a non-production server first; and 5) prefer a skill with an explicit homepage/source or clear declaration of required credentials/tools — ask the publisher for the source code or details if you need higher assurance.Like a lobster shell, security has layers — review code before you run it.
latestvk97fqcskfz0kh0htb7hm2g9vxx834sth
License
MIT-0
Free to use, modify, and redistribute. No attribution required.