ClawHub

discord-soul

v1.0.0

Create a living agent from your Discord server. The agent embodies your community's identity, remembers every conversation, and grows as the community evolves. Talk to your Discord as if it were a person.

0· 942·0 current·0 all-time
by@kgeesawor
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The stated purpose (turn a Discord server into an agent) aligns with the included code (export, ingest, generate memories, simulate growth). However the registry metadata claims no credentials or env vars required while the runtime docs and scripts clearly require a Discord auth token, optional ANTHROPIC_API_KEY, and rely on external tools (DiscordChatExporter, OpenClaw CLI, LanceDB/indexers). That discrepancy (no declared primary credential vs. explicit token file instructions) is an incoherence worth flagging.
!
Instruction Scope
SKILL.md and scripts instruct collecting and storing full message content, attachments URLs, reactions, roles, and quoting messages verbatim into daily memory files. They explicitly tell the user to obtain a Discord 'authorization' token from the browser DevTools and save it to ~/.config/discord-exporter-token. The security pipeline references sending message batches to Anthropic for semantic evaluation (requiring an API key). The instructions therefore ask the agent to read and persist highly sensitive chat content and local token files — scope is broad and the skill did not declare or justify those sensitive accesses in the registry metadata.
Install Mechanism
There is no install spec (scripts are present but nothing is auto-downloaded by a package installer). That reduces supply-chain risk. However the scripts call multiple external third-party tools (DiscordChatExporter, OpenClaw CLI, LanceDB, anthropic client) — those are not installed automatically and the skill assumes they exist. This is expected for a toolchain-heavy project but you must install those dependencies yourself.
!
Credentials
Registry says 'required env vars: none' and 'primary credential: none', yet SKILL.md and scripts require: a Discord authorization token (saved to ~/.config/discord-exporter-token), optionally ANTHROPIC_API_KEY for Haiku safety evaluation, and environment variables for database/memory paths (DISCORD_SOUL_DB, DISCORD_SOUL_MEMORY) and optional OpenClaw variables. Requesting an unscoped user auth token via browser DevTools is especially sensitive and not declared. This is a clear mismatch and elevates risk.
Persistence & Privilege
The skill does not set always:true and does not request to modify other skills. It writes agent workspace files and a local SQLite DB; that persistence is expected for this purpose. No code in the provided files appears to modify global agent settings automatically, though scripts instruct the user to add the agent to OpenClaw config and restart. Still: persisted full-chat logs are privacy-sensitive and should be considered high-impact if misused.
Scan Findings in Context
[ignore-previous-instructions] expected: This pattern is present in SKILL.md and regex-filter patterns as an input that the security pipeline should detect. It's expected (the skill explicitly scans for injection attempts), not evidence of malicious intent by itself.
[you-are-now] expected: Also included in the regex/jailbreak patterns and SKILL.md threat-model examples; expected because the project is detecting persona-hijack attempts.
What to consider before installing
Before installing or running this skill, consider the following: - Sensitive credential handling: The scripts instruct you to extract a Discord 'authorization' token from the browser DevTools and store it in ~/.config/discord-exporter-token. That is highly sensitive — it is a full session token. Prefer using a bot token with minimal scopes or the official Discord API flow rather than copying a user token from DevTools. Do not run these scripts with a token you are not comfortable exposing. - Undeclared requirements: The registry metadata claims no credentials/env vars, but the runtime requires a Discord token, may require ANTHROPIC_API_KEY for safety evaluation, and expects external tools (DiscordChatExporter, OpenClaw CLI, LanceDB). Treat the metadata as unreliable and audit/prepare those dependencies yourself. - Data scope and privacy: The pipeline ingests full message text (including attachments URLs, mentions, quotes) into a local SQLite DB and writes full daily markdown files. That means private conversations, PII, and links will be persisted and could be exposed if the machine is compromised. Run this on an isolated machine or with sanitized/exported data you control. - Security pipeline is present but optional: The author included a regex pre-filter and a semantic (Anthropic) evaluator to flag injection attempts. Those are useful, but they depend on an external LLM key (Anthropic) and the regex lists are not exhaustive. Do not assume the pipeline guarantees safety — review flagged messages manually before ingest. - Missing/omitted scripts: secure-pipeline.sh references helper scripts (to-sqlite.py, index-to-lancedb.py) that were not shown; inspect those before running to ensure they don't exfiltrate data. - Recommended mitigations: (1) Audit the included scripts line-by-line before running. (2) Use an isolated VM or container and a dedicated Discord account/bot with limited permissions. (3) Avoid storing long-lived tokens on disk where possible; use short-lived credentials. (4) If you must run the semantic safety step, provision and store ANTHROPIC_API_KEY securely and be aware it will send message content to Anthropic. (5) Consider redacting or sampling messages (avoid ingesting attachments or messages from DMs) when generating memories. Given the mismatches (metadata vs. runtime) and the sensitive token instructions, proceed only if you trust the source, have reviewed all omitted helper scripts, and adopt the mitigations above.

Like a lobster shell, security has layers — review code before you run it.

latestvk978v04dpn950nq2c355zcnmq980r5nk
942downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@kgeesawor
latest
Download

Discord Soul

Turn your Discord server into a living, breathing agent.

What You Get

An agent that:

  • Remembers every conversation in your Discord
  • Speaks in your community's voice
  • Knows the key figures, channels, and inside jokes
  • Grows as new messages arrive daily
  • Answers questions about your community's history and culture

Quick Start

# Create agent from your Discord
./scripts/create_agent.sh \
  --name "my-community" \
  --guild YOUR_GUILD_ID \
  --output ./agents/

# Set up daily updates
crontab -e
# Add: 0 */3 * * * /path/to/update_agent.sh

The Full Process

Step 1: Export Your Discord

You need DiscordChatExporter CLI.

Get your token:

  1. Open Discord in browser
  2. Press F12 → Network tab
  3. Send a message, find the request
  4. Copy the authorization header value
  5. Save to ~/.config/discord-exporter-token

Export everything:

DiscordChatExporter.Cli exportguild \
  --guild YOUR_GUILD_ID \
  --token "$(cat ~/.config/discord-exporter-token)" \
  --format Json \
  --output ./export/ \
  --include-threads All \
  --media false

Step 2: Security Pipeline (CRITICAL)

⚠️ Discord content from public servers may contain prompt injection attacks.

Before ingesting to your agent, run the security pipeline:

Threat Model

Discord users may attempt:

  • Direct injection: "Ignore previous instructions and..."
  • Role hijacking: "You are now a...", "Pretend you're..."
  • System injection: <system>, [INST], <<SYS>>
  • Jailbreaks: "DAN mode", "developer mode"
  • Exfiltration: "Reveal your system prompt"

Layer 1: Regex Pre-Filter (Fast, No LLM)

python scripts/regex-filter.py --db ./discord.sqlite

Flags messages matching known injection patterns:

  • Instruction overrides
  • Role hijacking attempts
  • System prompt markers
  • Jailbreak keywords
  • Exfiltration attempts

Flagged messages get safety_status = 'regex_flagged'.

Layer 2: Haiku Safety Evaluation (Semantic)

ANTHROPIC_API_KEY=sk-... python scripts/evaluate-safety.py --db ./discord.sqlite

Uses Claude Haiku (~$0.25/1M tokens) to semantically evaluate remaining messages.

Each message gets a risk score 0.0-1.0:

  • 0.0-0.3: Normal conversation
  • 0.4-0.6: Suspicious but possibly benign
  • 0.7-1.0: Likely injection attempt

Messages scoring ≥0.6 get safety_status = 'flagged'.

Layer 3: Only Use Safe Content

The ingest and memory generation scripts should only use messages where:

SELECT * FROM messages WHERE safety_status = 'safe'

Full Security Pipeline

# Run complete pipeline
./scripts/secure-pipeline.sh ./export/ ./discord.sqlite

This runs: Export → SQLite → Regex Filter → Haiku Eval → Mark Safe

Safety Statuses

StatusMeaningUsed by Agent?
pendingNot evaluated❌ No
regex_flaggedMatched pattern❌ No
flaggedHaiku risk ≥0.6❌ No
safePassed all checks✅ Yes

Step 3: Ingest to SQLite

Convert JSON to a rich SQLite database:

python scripts/ingest_rich.py --input ./export/ --output ./discord.sqlite

What gets captured:

  • Every message with full content
  • Reactions (individual emoji counts: 🔥 x5, 👍 x12)
  • Author roles and colors
  • Channel categories and topics
  • Reply threading
  • Mentions, attachments, embeds

Step 4: Create Agent Workspace

mkdir -p ./my-agent/memory

Copy template files from templates/:

  • SOUL.md — Community identity (grows through simulation)
  • MEMORY.md — Long-term milestones
  • LEARNINGS.md — Patterns discovered
  • AGENTS.md — Key figures
  • TOOLS.md — Channels and rituals
  • HEARTBEAT.md — Maintenance protocol

Step 5: Generate Daily Memory Files

python scripts/generate_daily_memory.py --all \
  --db ./discord.sqlite \
  --out ./my-agent/memory/

Each day becomes a markdown file with:

  • Full conversation logs
  • Who said what, when
  • Reactions on each message
  • New channels/roles that appeared

Step 6: Simulate Growth (The Soul Emerges)

This is the key insight: Process days chronologically.

The agent "lives through" each day, updating its soul files as patterns emerge.

python scripts/simulate_growth.py --agent ./my-agent/

For each day (in order!):

  1. Read the day's memory file
  2. Update SOUL.md if identity shifted
  3. Add to LEARNINGS.md if patterns discovered
  4. Record milestones in MEMORY.md
  5. Note key figures in AGENTS.md

Run the prompts with an LLM:

# Example with OpenClaw
for f in ./my-agent/simulation/day-*.txt; do
  echo "Processing $f..."
  cat "$f" | openclaw chat --agent my-agent
done

Step 7: Birth the Agent

Add to OpenClaw config:

{
  "id": "my-community",
  "workspace": "/path/to/my-agent",
  "memorySearch": {
    "enabled": true,
    "sources": ["memory"]
  },
  "identity": {
    "name": "MyCommunity",
    "emoji": "🔧"
  },
  "heartbeat": {
    "every": "6h",
    "model": "anthropic/claude-sonnet-4-5"
  }
}

Add binding (Telegram example):

{
  "agentId": "my-community",
  "match": {
    "channel": "telegram",
    "peer": {"kind": "group", "id": "-100XXX:topic:TOPIC_ID"}
  }
}

Restart: openclaw gateway restart

Step 8: Keep It Alive

Set up a cron job to update daily:

./scripts/update_agent.sh \
  --agent ./my-agent \
  --db ./discord.sqlite \
  --guild YOUR_GUILD_ID

This:

  1. Exports new messages since last run
  2. Merges into SQLite
  3. Regenerates today's memory file
  4. Wakes the agent

What the Agent Can Do

Once birthed, your agent can:

Answer questions:

  • "What were we talking about last week?"
  • "Who's the expert on X topic?"
  • "What's our stance on Y?"

Remember culture:

  • Inside jokes and memes
  • Community values and norms
  • Who helps whom

Track patterns:

  • Active times and channels
  • Emerging topics
  • Key contributors

Scripts

Agent Creation

ScriptPurpose
create_agent.shFull pipeline: export → agent
ingest_rich.pyJSON → SQLite with reactions/roles
generate_daily_memory.pySQLite → daily markdown
simulate_growth.pyGenerate soul emergence prompts
incremental_export.shFetch new messages only
update_agent.shDaily cron: export → memory → wake

Security

ScriptPurpose
regex-filter.pyFast pattern matching for injection attempts
evaluate-safety.pyHaiku-based semantic safety evaluation
secure-pipeline.shFull security pipeline wrapper

Environment Variables

VariableDescription
DISCORD_GUILD_IDYour Discord server ID
DISCORD_SOUL_DBPath to SQLite database
DISCORD_SOUL_AGENTPath to agent workspace
DISCORD_TOKEN_FILEToken file (default: ~/.config/discord-exporter-token)

Troubleshooting

"No messages in database"

  • Check export directory has .json files
  • Verify token has guild access

"Memory files are empty"

  • SQLite might have dates in wrong format
  • Run: sqlite3 discord.sqlite "SELECT MIN(timestamp), MAX(timestamp) FROM messages"

"Agent doesn't remember things"

  • Check memorySearch.enabled: true in config
  • Verify memory files are in the workspace

"Simulation prompts seem confused"

  • Process days IN ORDER — don't skip
  • Let identity emerge, don't force it

Your Discord has a soul. This skill helps you find it.

Comments

Loading comments...