ClawHub

Discord

Security checks across malware telemetry and agentic risk

Overview

This Discord skill is a disclosed OOMOL connector wrapper for mostly read-only Discord account and public-resource lookups, with minor documentation scoping issues but no artifact-backed malicious behavior.

Install only if you are comfortable connecting Discord to OOMOL and allowing the agent to run oo CLI connector commands for Discord lookups. Treat this version as read-oriented despite the broad description, and be cautious if asked to use it for posting, editing, deleting, moderation, or other Discord write/admin tasks that are not listed in its action files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The documentation marks `get_invite` as a write action and tells the operator to confirm payload and intended effect before running, even though the action is described as only retrieving an invite. This kind of permission/side-effect mislabeling can mislead users and agents about operational risk, causing unnecessary approval friction or, more importantly, training them to distrust action classifications and make poor decisions on truly state-changing actions.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger phrase instructs use of this skill for ANY Discord request, which is broader than the documented capabilities and can cause an agent to route unrelated or unsupported Discord tasks into this connector automatically. In practice, that can suppress safer tool selection, create misleading assumptions about available operations, and increase the chance of inappropriate execution paths or failure-handling that nudges users toward risky setup steps.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal