ClawHub

Discord Chat

v1.0.0

Send messages, reply to messages, and search message history in Discord channels using the message tool. Use when the user wants to communicate with Discord (send/reply/search messages), check Discord activity, or interact with Discord channels.

2· 4.7k·43 current·44 all-time
by@bowenqt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Discord messaging/search) match the SKILL.md and reference docs. All actions (send, reply, search, channel management) are appropriate for a Discord bot integration.
Instruction Scope
Runtime instructions are limited to calling a local 'message' tool with Discord-specific parameters and referencing gateway config. There are no instructions to read unrelated system files, harvest environment variables beyond the expected bot token, or exfiltrate data to unexpected endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded by the skill itself. This is lowest-risk for install mechanics.
Credentials
The skill itself declares no required env vars or credentials. The documentation appropriately advises storing a Discord bot token in the gateway config or environment variables; that is expected for a Discord integration and proportional to the described functionality.
Persistence & Privilege
always is false and the skill doesn't request any platform-wide privileges or attempt to modify other skills' configs. Autonomous invocation (model invocation) is allowed but is the platform default and not excessive here.
Assessment
This skill is an instruction-only guide for routing actions through your gateway's 'message' tool and is coherent with a Discord bot integration. Before installing, verify you trust the skill owner and — crucially — the underlying gateway/plugin that actually holds and uses your bot token. Ensure you store the Discord bot token (DISCORD_BOT_TOKEN) securely (environment or secrets manager), grant the bot only the minimal permissions it needs, enable webhook secrets if you expose inbound webhooks, and monitor/rotate the token if it may be exposed. Because the skill is just documentation, the main risk is from the gateway or message plugin it expects to call; confirm those components are from trusted sources and audited. If you plan to allow autonomous agent actions, also audit what actions the agent is permitted to run (e.g., deleting channels/messages).

Like a lobster shell, security has layers — review code before you run it.

latestvk97ee5g2g7gqk0henm79mxzfr5800fhe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments