ClawHub

Openclaw Discord Setup

v1.0.0

Configure a Discord Bot as an OpenClaw message channel with token setup, server authorization, and slash command support in 10 minutes.

0· 101·0 current·0 all-time
by@yang1002378395-cmyk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Discord bot setup for OpenClaw) aligns with the instructions: creating a Discord app, obtaining a Bot Token and Client ID, adding the bot to a server, and adding entries to ~/.openclaw/config.yaml. All required items are appropriate for the stated task.
Instruction Scope
The SKILL.md directs the user to write the bot token and clientId into ~/.openclaw/config.yaml (expected for this integration). It also suggests using an environment variable (DISCORD_BOT_TOKEN) in production — that env var is mentioned in text but not declared in the registry metadata. No instructions ask the agent to read unrelated system files or exfiltrate data to third-party endpoints.
Install Mechanism
There is no install spec and no code files beyond package.json metadata. Because it's instruction-only, nothing is written to disk by this skill itself and no third-party binaries or downloads are requested.
Credentials
The only sensitive credential in scope is the Discord Bot Token (and clientId). Requesting that token is proportionate to the purpose. However, the guidance recommends storing the token in plaintext config.yaml (which is convenient but sensitive); using environment variables or a secrets store is safer. The registry metadata does not list any required env vars even though the doc references DISCORD_BOT_TOKEN.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide changes beyond editing OpenClaw's own config (~/.openclaw/config.yaml), which is appropriate for configuring a plugin. It does not attempt to modify other skills or global agent settings.
Assessment
This is an instruction-only guide that appears internally consistent. Before following it: (1) do not paste your Bot Token into public places; consider using an environment variable or secrets store rather than plain ~/.openclaw/config.yaml, (2) restrict the bot's permissions and allowedGuildIds to the minimum needed, (3) verify you trust the source (author is unknown and contact info is provided for paid/free remote help — be cautious about sharing tokens), and (4) if you install an actual open-source 'openclaw-discord' plugin later, inspect its code or obtain it from the official OpenClaw repository to ensure it does only what this doc describes. If you want a stricter assessment, provide the actual plugin code or a link to its repository so it can be reviewed.

Like a lobster shell, security has layers — review code before you run it.

discordvk97czqh3ay7vwpdm81625f77wx83a9n7latestvk97czqh3ay7vwpdm81625f77wx83a9n7messagingvk97czqh3ay7vwpdm81625f77wx83a9n7setupvk97czqh3ay7vwpdm81625f77wx83a9n7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments