Skill v0.1.2

ClawScan security

Discord Purge Bot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 7, 2026, 10:15 AM
Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and runtime instructions require a Discord bot token and Node.js, but the registry metadata does not declare those credentials or binaries — an incoherence you should resolve before installing.
Guidance
This skill appears to implement the claimed purge functionality, but the registry metadata is inconsistent with the code and docs. Before installing or running it:

1. Treat your Discord bot token as sensitive and supply only a bot token, never a user account token. The scripts require DISCORD_BOT_TOKEN or --token even though the skill metadata does not declare it. Driving a user account through these scripts would expose that account and is prohibited by Discord's terms for automated user accounts.
2. Ensure Node.js is installed and that the environment running these scripts is trusted; the metadata does not list 'node' as a required binary.
3. Review the included scripts yourself (they call only discord.com API endpoints and write JSON state files) and test in a non-production guild or channel.
4. Verify the bot has only the minimal permissions needed (VIEW_CHANNEL, READ_MESSAGE_HISTORY, MANAGE_MESSAGES, and MANAGE_CHANNELS only if you use nuke) and enable auditing/monitoring.
5. Run the preview flow first and require the confirmation code before any destructive run.

If the registry owner cannot explain why credentials and binaries are omitted from the metadata, treat the omission as a red flag and do not provide your production bot token.
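The following pre-flight check is an added example written for this review; it is not code from the Discord Purge Bot skill or from ClawHub. It applies points 1, 2 and 4 above before any destructive call is made: it resolves the token the way the docs describe (--token flag or DISCORD_BOT_TOKEN), confirms with Discord's own `GET /users/@me` that the token belongs to a bot account rather than a user account, and compares the bot's granted permission bitfield against the minimal set the purge needs. The permission bit values are those published in the Discord API documentation; the `preflight` function name, the `useNuke` flag and the sample identity and permission inputs are assumptions made for the example. `fetchMe` is the only network call and is defined but not executed, so the rest can run offline.

```javascript
// Added pre-flight example (not the skill's own code). Permission bits are
// from the public Discord API docs; preflight/useNuke/sample inputs are
// assumptions for this example.

const PERMISSIONS = {
  ADMINISTRATOR: 1n << 3n,
  MANAGE_CHANNELS: 1n << 4n,
  VIEW_CHANNEL: 1n << 10n,
  MANAGE_MESSAGES: 1n << 13n,
  READ_MESSAGE_HISTORY: 1n << 16n,
};

// Resolve the token as the skill docs describe: --token VALUE or
// --token=VALUE wins, otherwise DISCORD_BOT_TOKEN; null if neither is set.
function resolveToken(argv, env) {
  const i = argv.indexOf('--token');
  if (i !== -1 && argv[i + 1]) return argv[i + 1];
  const eq = argv.find((a) => a.startsWith('--token='));
  if (eq) return eq.slice('--token='.length);
  return env.DISCORD_BOT_TOKEN || null;
}

// GET /users/@me using the "Bot" scheme. A user account token is rejected
// with 401 here; a bot token returns a user object with bot: true.
async function fetchMe(token) {
  const res = await fetch('https://discord.com/api/v10/users/@me', {
    headers: { Authorization: `Bot ${token}` },
  });
  if (!res.ok) throw new Error(`identity check failed: HTTP ${res.status}`);
  return res.json();
}

// Accept only an identity that Discord itself marks as a bot account.
function checkIdentity(me) {
  if (!me || typeof me !== 'object') return { ok: false, reason: 'no identity returned' };
  if (me.bot !== true) return { ok: false, reason: `${me.username} is not a bot account; refusing to use a user token` };
  return { ok: true, reason: `bot account ${me.username} (${me.id})` };
}

// Minimal permission set; MANAGE_CHANNELS only when the nuke flow is used.
function requiredPermissions(useNuke) {
  let bits = PERMISSIONS.VIEW_CHANNEL | PERMISSIONS.READ_MESSAGE_HISTORY | PERMISSIONS.MANAGE_MESSAGES;
  if (useNuke) bits |= PERMISSIONS.MANAGE_CHANNELS;
  return bits;
}

// `granted` is the decimal permission string Discord returns for a member or
// channel (or a BigInt). Returns the names of required bits that are absent.
function missingPermissions(granted, useNuke) {
  const g = BigInt(granted);
  const need = requiredPermissions(useNuke);
  return Object.entries(PERMISSIONS)
    .filter(([, bit]) => (need & bit) !== 0n && (g & bit) === 0n)
    .map(([name]) => name);
}

// ADMINISTRATOR bypasses every channel-level check; a purge bot never needs it.
function hasExcessPrivilege(granted) {
  return (BigInt(granted) & PERMISSIONS.ADMINISTRATOR) !== 0n;
}

// One go/no-go decision to run before the first destructive API call.
function preflight({ argv, env, me, granted, useNuke }) {
  const problems = [];
  if (!resolveToken(argv, env)) problems.push('no token: pass --token or set DISCORD_BOT_TOKEN');
  const id = checkIdentity(me);
  if (!id.ok) problems.push(id.reason);
  const missing = missingPermissions(granted, useNuke);
  if (missing.length) problems.push(`missing permissions: ${missing.join(', ')}`);
  if (hasExcessPrivilege(granted)) problems.push('bot holds ADMINISTRATOR; scope it down before running');
  return { ok: problems.length === 0, problems };
}

// Constructed sample inputs (no network): a bot identity as /users/@me would
// return it, and a permission string granting only the three non-nuke bits.
const sampleMe = { id: '123456789012345678', username: 'purge-bot', bot: true };
const sampleGranted = (PERMISSIONS.VIEW_CHANNEL | PERMISSIONS.READ_MESSAGE_HISTORY | PERMISSIONS.MANAGE_MESSAGES).toString();
console.log(preflight({ argv: ['--token', 'example-token'], env: {}, me: sampleMe, granted: sampleGranted, useNuke: true }));
// { ok: false, problems: [ 'missing permissions: MANAGE_CHANNELS' ] }
```

In real use, `me` would come from `await fetchMe(resolveToken(process.argv, process.env))` and `granted` from the guild member or channel permission string; the example deliberately keeps those as inputs so the decision logic can be tested without a token.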

Review Dimensions

Purpose & Capability
concern: The skill is a Discord purge tool and legitimately needs a bot token and Node.js to run. However, the registry metadata lists no required env vars, no primary credential, and no required binaries, despite SKILL.md and the code (resolveToken and the node scripts) requiring DISCORD_BOT_TOKEN or --token and invocation via node. This mismatch is material and unexplained.
Instruction Scope
note: SKILL.md and the scripts constrain behavior to Discord HTTP API calls, preview/run workflows, confirm codes, and writing JSON audit artifacts. The runtime instructions do not instruct wide data collection or external exfiltration and only reference proxy env vars for HTTP routing. This is consistent with the stated purpose, but the documentation expects you to pass a bot token and run Node commands (e.g., node scripts/purge-runner.mjs).
Install Mechanism
ok: There is no install spec (instruction-only plus included scripts), which is lower risk than downloading arbitrary binaries. The code will run as Node.js scripts; no remote downloads or obscure installers are present. Still, the package includes executable scripts that will be written to disk when installed locally, so run them in a controlled environment.
Credentials
concern: The code expects a sensitive credential (DISCORD_BOT_TOKEN or --token) and may read HTTP_PROXY/HTTPS_PROXY/NO_PROXY env vars for networking. The metadata does not declare the bot token as a required credential or list Node as a required binary. Requiring a bot token is proportionate to the task, but the omission in metadata is a security/administrative concern that could cause accidental misuse (e.g., providing a user token).
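The Purpose & Capability and Credentials findings both come down to one check: what the scripts and SKILL.md actually need versus what the registry metadata declares. The block below is an added example that automates that comparison; it is not ClawScan's scanner code or part of the skill. It scans JavaScript sources for `process.env` reads, pulls the first word of each command line from fenced blocks in a SKILL.md, and diffs both against the metadata. The metadata shape `{ env, credentials, binaries }`, the `SECRET_PATTERN` heuristic, and the sample script and SKILL.md excerpt are assumptions constructed for this example; the sample is modelled on what the review describes (a resolveToken helper reading DISCORD_BOT_TOKEN, proxy variables, and a `node scripts/purge-runner.mjs` run line), not copied from the skill.

```javascript
// Added example (not the skill's or ClawHub's code): diff a skill's observed
// needs against its declared metadata. Metadata shape, SECRET_PATTERN and the
// sample inputs are assumptions for this example.

// Proxy variables are routing configuration, not secrets, so they are not
// counted as undeclared credentials.
const PROXY_VARS = new Set(['HTTP_PROXY', 'HTTPS_PROXY', 'NO_PROXY', 'http_proxy', 'https_proxy', 'no_proxy']);
// Heuristic: names ending like this usually carry a secret.
const SECRET_PATTERN = /(TOKEN|SECRET|KEY|PASSWORD|PASS)$/i;

// Every environment variable a JS source reads via process.env.X or process.env['X'].
function extractEnvRefs(source) {
  const refs = new Set();
  const dot = /process\.env\.([A-Za-z_][A-Za-z0-9_]*)/g;
  const bracket = /process\.env\[\s*['"]([^'"]+)['"]\s*\]/g;
  for (const re of [dot, bracket]) {
    let m;
    while ((m = re.exec(source)) !== null) refs.add(m[1]);
  }
  return [...refs].sort();
}

// First word of each command line inside fenced blocks, or of any line
// prefixed with "$", e.g. "node scripts/purge-runner.mjs" -> "node".
function extractBinaryRefs(markdown) {
  const bins = new Set();
  let inFence = false;
  for (const raw of markdown.split('\n')) {
    const line = raw.trim();
    if (line.startsWith('```')) { inFence = !inFence; continue; }
    const cmd = line.startsWith('$') ? line.slice(1).trim() : (inFence ? line : null);
    if (!cmd) continue;
    const word = cmd.split(/\s+/)[0];
    if (/^[a-z][a-z0-9._-]*$/.test(word)) bins.add(word);
  }
  return [...bins].sort();
}

// Compare observed needs with declared metadata. An undeclared credential is
// an undeclared env var whose name looks secret-bearing.
function diffAgainstMetadata(metadata, envRefs, binaryRefs) {
  const declaredEnv = new Set([...(metadata.env || []), ...(metadata.credentials || [])]);
  const declaredBins = new Set(metadata.binaries || []);
  const undeclaredEnv = envRefs.filter((v) => !declaredEnv.has(v) && !PROXY_VARS.has(v));
  return {
    undeclaredEnv,
    undeclaredCredentials: undeclaredEnv.filter((v) => SECRET_PATTERN.test(v)),
    undeclaredBinaries: binaryRefs.filter((b) => !declaredBins.has(b)),
  };
}

// Constructed sample inputs: a token resolver of the kind the review
// describes and a SKILL.md usage section. Neither is the skill's real source.
const SAMPLE_SCRIPT = `
export function resolveToken(argv) {
  const i = argv.indexOf('--token');
  if (i !== -1) return argv[i + 1];
  return process.env.DISCORD_BOT_TOKEN;
}
const proxy = process.env.HTTPS_PROXY || process.env['HTTP_PROXY'];
`;
const SAMPLE_SKILL_MD = `
## Usage
\`\`\`sh
node scripts/purge-runner.mjs --preview --channel 123
node scripts/purge-runner.mjs --run --confirm CODE
\`\`\`
`;
// Empty metadata, as the review reports for this skill.
const SAMPLE_METADATA = { env: [], credentials: [], binaries: [] };

function auditSample() {
  return diffAgainstMetadata(SAMPLE_METADATA, extractEnvRefs(SAMPLE_SCRIPT), extractBinaryRefs(SAMPLE_SKILL_MD));
}
console.log(auditSample());
// { undeclaredEnv: [ 'DISCORD_BOT_TOKEN' ],
//   undeclaredCredentials: [ 'DISCORD_BOT_TOKEN' ],
//   undeclaredBinaries: [ 'node' ] }
```

Run against a real skill directory, the same functions would take the concatenated script sources and SKILL.md contents; a non-empty `undeclaredCredentials` or `undeclaredBinaries` is the condition the reviewer flags above, and a metadata entry of `{ credentials: ['DISCORD_BOT_TOKEN'], binaries: ['node'] }` is what would clear it.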
Persistence & Privilege
ok: The skill does not request permanent 'always' inclusion, does not modify other skills, and only writes state/result JSON to paths you specify via CLI flags. It can run autonomously by default (the platform default), but that is not combined with any other high-privilege or opaque behavior here.