ClawHub

delete discord message in bulk

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended to delete Discord messages, but its instructions and backup command paths are too broad for a destructive moderation action.

Install only if you trust the publisher and can restrict the Discord bot to the exact server and channels where deletion is acceptable. Before any use, require a dry-run or preview, confirm the channel ID and message count explicitly, and avoid granting broad moderation permissions to production or audit-sensitive channels.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (7)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The documentation says to ask for confirmation, but the only documented execution paths are live destructive commands with no dry-run, preview, or enforced confirmation mechanism. In an agent setting, this mismatch is dangerous because ambiguous or mistaken invocation can immediately delete messages at scale, causing irreversible data loss and moderation/audit issues.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger guidance is broad enough to match common, ambiguous cleanup phrases and it is attached to a destructive capability: deleting Discord messages. In an agent setting, this raises the chance of unintended invocation and accidental mass deletion, especially because the phrasing includes natural language requests that may not clearly express informed consent or scope.

Natural-Language Policy Violations

Medium
Confidence
96% confidence
Finding
The statement that the assistant will auto-detect intent for bulk deletion encourages execution of a destructive operation based on inference rather than explicit user opt-in. In this context, the skill performs irreversible or difficult-to-recover moderation actions, so intent inference materially increases the risk of unauthorized or mistaken deletion.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The instruction to 'always use' the skill whenever deletion intent seems clear encourages automatic activation without explicit invocation boundaries. For a destructive capability, broad auto-triggering materially increases the chance that conversational context, paraphrase, or misunderstanding leads to unintended bulk deletion.

Vague Triggers

Medium
Confidence
89% confidence
Finding
Trigger phrases like 'clean up [channel]', 'remove old messages', and 'clear the chat' are common natural-language expressions that can be used casually or metaphorically. Because this skill performs destructive bulk deletion, ambiguous phrase matching increases the risk of accidental activation and unwanted message removal.

Natural-Language Policy Violations

Low
Confidence
81% confidence
Finding
Stating that the skill 'auto-detects intent' for a bulk-deletion tool means the agent may select a destructive action path without explicit user opt-in to this capability. In this context, automatic intent detection compounds the already broad triggers and lack of enforced dry-run behavior, increasing the likelihood of unauthorized or mistaken deletion.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script performs an irreversible bulk deletion of Discord messages immediately after parsing arguments, with no confirmation prompt, dry-run mode, or safeguard against accidental execution against the wrong channel or message count. In an agent/automation context this is more dangerous because a mis-specified channel ID, bad prompt interpretation, or unintended invocation can rapidly destroy audit history or user content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal