Huimai Discord Automation
Warn
Audited by ClawScan on May 10, 2026.
Overview
No clear malware or exfiltration is shown, but this Discord moderation skill asks for powerful server-management authority and includes batch/skip-confirmation paths that deserve careful review.
Only install this if you are prepared to grant and manage a Discord bot token. Use a least-privilege bot role, start in log-only or confirmation mode, avoid professional skip-confirmation mode until rules are tested, require explicit approval for deletions/kicks/role changes, and verify the package provenance before use.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled or invoked incorrectly, the bot could delete or change Discord content and permissions in bulk before a human reviews the specific action.
The skill explicitly offers a mode that performs batch actions without confirmation. Because the skill is intended for Discord moderation and cleanup, those actions can affect public channels, messages, roles, or users.
- **Professional mode (optional)**: batch operations, skip confirmation
Keep the default confirmation/log-only mode, require explicit approval for deletes, kicks, role changes, and channel cleanup, and add allowlists, dry-runs, backups, and rollback procedures.
A leaked or over-privileged bot token could let someone alter messages, channels, or roles in the Discord server.
The code is designed to use a Discord token with broad management permissions. This is purpose-aligned for a moderation bot, but it is sensitive authority.
token: config.token || '', ... manageMessages: true, manageChannels: true, manageRoles: true
Use a dedicated Discord bot token with the minimum permissions needed, avoid administrator privileges, store the token securely, and revoke it if the skill is no longer used.
Users may rely on safety behavior that is not clearly enforced by the artifacts, especially for deletions, role assignments, or moderation actions.
The skill promises confirmation and backups for important operations, but the provided code exposes direct mutation-style methods and does not show enforcement of those safeguards.
- **Gentle mode (default)**: confirm before operations, back up before important operations
Treat the safety claims as policy guidance, not guaranteed enforcement, unless the implementation is updated to require confirmations and create backups for high-impact actions.
The bot may continue processing queued messages until stopped, so misconfigured rules could keep acting repeatedly.
The bot starts a repeating message-processing loop. This is expected for a Discord automation bot, but it is ongoing autonomous behavior once started.
setInterval(() => { ... this.processMessage(message); }, 100);
Run it under supervision, confirm the stop behavior, and monitor logs and permissions during initial rollout.
It is harder to verify whether the packaged files match the intended release before trusting it with server-management access.
The registry has limited provenance information, and the included files report differing versions. No unsafe install script is shown, but provenance matters for a skill that may receive a Discord bot token.
Source: unknown; Homepage: none; Version: 2.0.0
Verify the publisher/source and version, and review the installed files before configuring real Discord credentials.
