Discord Digest
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do its advertised read-only Discord digest job, but it asks for and stores a broad Discord user token, which is a high-impact credential.
Install only if you are comfortable giving this skill a Discord user token. The code shown is read-only and purpose-aligned, but a user token is powerful, may violate Discord ToS, and is stored locally. Prefer a scoped bot/OAuth approach; otherwise restrict channels, protect the config file, avoid sharing the digest automatically, and rotate the token when finished.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is exposed or misused, it may allow broad access to the user's Discord account and servers, and the artifact itself warns that user-token use may violate Discord ToS.
This instructs users to provide a Discord user/session token. That credential is broader than a digest-only permission and can represent the user's Discord account, even though the skill's code only performs read-oriented API calls.
Get token from browser: Discord (web) → F12 → Network → any API request → Headers → `Authorization` value.
Prefer a scoped Discord bot or OAuth flow. If using this skill anyway, use the least-privileged account possible, limit configured channels, and rotate/revoke the token after use.
Local users, other processes, backups, or other tools with access to the workspace config file could recover the Discord token.
The full Discord token is written directly into a local JSON config file. The artifacts do not show use of a secret store, encryption, restrictive file permissions, or safer token-entry handling.
config["discord_token"] = token
save_config(config)
...
with open(CONFIG_FILE, 'w') as f:
    json.dump(config, f, indent=2, ensure_ascii=False)
Store the token in a dedicated secret manager or protected environment variable, avoid passing it on the command line, and restrict the config file permissions if it must be stored locally.
A user may install the skill without realizing it depends on a sensitive Discord account token.
The registry metadata does not declare the Discord token requirement even though SKILL.md and the scripts require and persist a user token. This under-discloses a primary high-impact credential before installation.
Primary credential: none
Required env vars: none
Env var declarations: none
Declare the Discord token as a primary credential in metadata and document its scope, storage location, revocation steps, and safer alternatives.
Private or members-only Discord messages could be summarized and shared outside Discord if the cron example is enabled.
The optional cron example forwards generated Discord digests to Telegram. This is user-directed, but it moves potentially private Discord content to another service.
"message": "Run: cd ~/.openclaw/workspace/skills/discord-digest && python3 scripts/run_digest.py --hours 24. Send the output to Telegram."
Only enable forwarding to Telegram if the server rules and participants allow it, and verify the destination chat/channel and selected Discord channels first.
