ClawHub

discord admin

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Discord administration tool, but it gives an agent broad server-changing power with few built-in safeguards.

Install only if you intentionally want an agent to administer a Discord server. Use a dedicated least-privilege bot limited to the intended guild, avoid passing the token on the command line, keep the token out of logs and shared shells, and manually review any delete, ban, kick, webhook, role, guild-setting, or bulk command before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is marketed as providing 'full server control' and documents destructive administration features without upfront warnings, guardrails, or confirmation guidance. In a high-privilege Discord administration context, this increases the chance of accidental or socially engineered misuse leading to bans, deletions, permission changes, or server disruption.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The quick-start instructions tell users to export a Discord bot token but provide no warning that this token is a sensitive secret with broad administrative power. If copied into shell history, logs, screenshots, shared terminals, or reused insecurely, the token could be stolen and used to fully compromise Discord servers managed by the bot.

Missing User Warnings

High
Confidence
97% confidence
Finding
The documentation includes mass-ban, mass-kick, bulk role assignment, and permission-sync operations without strong cautionary language or confirmation safeguards. These are high-blast-radius actions that can be abused intentionally or triggered mistakenly to cause widespread member removal, privilege escalation, or loss of access across a server.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Allowing a bot token to be passed on the command line exposes the credential through shell history, process listings, job control tools, and audit logs visible to other local users or monitoring systems. In this skill, the token grants broad Discord administrative power, so credential disclosure can lead to full server takeover, destructive actions, and data access.

Missing User Warnings

High
Confidence
93% confidence
Finding
High-impact operations such as deletions, bans, kicks, bulk actions, role changes, guild edits, and leaving a guild execute immediately with no confirmation, dry-run, or safety interlock. In a full-server administration skill, a mistyped ID, malformed script wrapper, or accidental invocation can cause irreversible moderation and configuration damage at scale.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script exposes destructive administrative actions such as channel deletion, role deletion, kicks, bans, and message deletion with no confirmation, dry-run, or safeguard. In a high-privilege Discord administration skill, a mistaken invocation, automation bug, or prompt-injection-driven tool call could immediately cause disruptive server changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal