Back to skill

Security audit

discord admin

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Discord administration skill, but it gives an agent broad live-server control without enough guardrails for destructive or bulk actions.

Install only if you intentionally want an agent to administer a Discord server. Use a dedicated bot with the minimum permissions needed instead of Administrator where possible, avoid passing tokens with --token, keep the token out of logs and shared terminals, test on a non-production server first, and require explicit human review before delete, ban, prune, webhook, guild-edit, template, or bulk actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill advertises full Discord administrative control via shell commands but does not declare permissions or clearly scope what the agent is allowed to do. In an agent environment, undeclared shell capability combined with server-admin functionality increases the chance of silent overreach, unsafe invocation, or accidental execution of destructive actions.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documented channel deletion and pruning commands are destructive and potentially irreversible, yet the skill does not present prominent warnings, confirmations, or rollback limitations near those commands. In an agent-assisted workflow, users may trigger deletion based on a natural-language request without appreciating the blast radius.

Missing User Warnings

High
Confidence
97% confidence
Finding
Mass ban, mass kick, and bulk role assignment commands can affect many users at once and create immediate, large-scale disruption or privilege changes. Because the documentation lacks prominent safeguards, preview steps, or mandatory confirmations, an agent or operator could execute high-impact moderation actions with a very large blast radius.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The quick-start instructs users to export a Discord bot token without explicitly warning that the token is a sensitive secret granting administrative API access. If exposed through shell history, logs, screenshots, or shared environments, the token could allow full server compromise through the very commands this skill supports.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script exposes many destructive administrative actions such as channel deletion, bans, webhook changes, role changes, and guild modifications without any confirmation, dry-run mode, or safety interlock. In a full-server-control skill, this significantly increases the chance of accidental or scripted misuse causing irreversible moderation, configuration, or content loss.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Allowing the Discord bot token to be passed via --token exposes a sensitive credential through shell history, process listings, logs, and job-control tooling on multi-user systems. Because this skill provides broad Discord administrative control, token disclosure can lead to full compromise of the bot's privileges across servers where it is installed.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script exposes destructive administrative actions such as deleting channels, deleting roles, kicking members, banning users, and deleting messages with no confirmation, dry-run mode, or safety interlock. In a full server administration skill, this increases the likelihood of accidental or scripted misuse that can immediately disrupt or damage a Discord server.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.