Discord
Use when you need to control Discord from Clawdbot via the discord tool: send messages, react, post or upload stickers, upload emojis, run polls, manage threads/pins/search, fetch permissions or member/role/channel info, or handle moderation actions in Discord DMs or channels.
v1.0.1
2026/01/05
No changelog provided.
Security Scan
Status
suspicious
OpenClaw
gpt-5.5
OpenClaw analysis
This Discord skill is transparent about its capabilities, but it gives an agent broad Discord posting, deletion, search, and moderation-style powers without explicit safety or confirmation rules.
Confidence: medium
VirusTotal
Type: OpenClaw Skill Name: discord Version: 1.0.1 The skill is classified as suspicious primarily due to the `mediaUrl` parameter in `SKILL.md` supporting `file:///path` for local file uploads (e.g., `emojiUpload`, `stickerUpload`, `sendMessage`). While this capability might be intended for legitimate media uploads, it grants broad local file read access to the agent, which could be abused for data exfiltration of sensitive files (e.g., credentials, private keys) if the agent is compromised via prompt injection. Additionally, the 'Discord Writing Style Guide' in `SKILL.md` demonstrates prompt injection against the agent, albeit for stylistic control rather than malicious actions.