Discrawl
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Discrawl appears purpose-aligned for searching Discord archives, but it can access private Discord data and optional bot credentials through an externally installed CLI.
Before installing, confirm you trust the external Discrawl CLI, use only least-privilege Discord bot credentials, avoid user tokens, and verify any shared archive snapshots exclude secrets and private DMs.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may surface or store private Discord messages while answering archive questions.
The skill can read DMs, local Discord Desktop artifacts, and archive snapshots; this is central to its purpose but involves sensitive private content.
discrawl dms --last 20 ... Wiretap reads local Discord Desktop artifacts only ... Git-share snapshots must not include secrets or `@me` DM rows.
Use it only with Discord archives you are comfortable searching, and avoid sharing snapshots unless you have verified that secrets and private DM rows are excluded.
A configured bot may access Discord content within its permissions.
The skill may require Discord bot credentials for sync and explicitly distinguishes them from user tokens; credential use is expected but sensitive.
Boundaries: bot sync needs configured Discord bot credentials. Wiretap reads local Discord Desktop artifacts only; do not extract user tokens, call Discord as the user, or write to Discord storage.
Use least-privilege bot credentials, do not provide user tokens, and confirm which servers/channels the bot can read.
Incorrect SQL or an approved unsafe mutation could alter the local archive database.
The skill exposes raw SQL and a possible unsafe mutation path, but the documented default is read-only, and a mutation requires an explicit, reviewed user request.
DISCRAWL_NO_AUTO_UPDATE=1 discrawl --json sql "select count(*) from messages;" ... Never use `--unsafe --confirm` unless the user explicitly requests a reviewed DB mutation.
Keep SQL read-only unless you intentionally want a database change and have reviewed the exact command.
Future installs could receive a different version of the CLI than the one originally reviewed.
The install uses an unpinned @latest Go module, so the fetched binary may change over time, although this is a normal install method for a CLI-based skill.
go | module: github.com/openclaw/discrawl/cmd/discrawl@latest | creates binaries: discrawl
Install only if you trust the Discrawl source, and prefer pinning or reviewing the module version in sensitive environments.
