Discord Agent Communication

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Discord coordination guide with no executable behavior, credential access, or hidden install activity.

Install only in trusted Discord channels where Paul/authorized users control broad prompts like '@everyone'. Treat role assignments and decision rights as advisory unless a human explicitly approves real-world spending, public launches, partnerships, migrations, or other business actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 84% confidence
Finding: This markdown file describes 'what each agent owns and when they should speak up' but does not define concrete invocation phrases, boundaries, or exclusion examples. That ambiguity could cause unintended agent participation because readers are left to infer when an agent should activate.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal