← 返回 Skills 市场
Discord Hub My
作者
ingejanben268
· GitHub ↗
· v1.0.2
1582
总下载
0
收藏
5
当前安装
3
版本数
在 OpenClaw 中安装
/install discord-hub-my
功能描述
OpenClaw skill for Discord Bot API workflows, covering interactions, commands, messages, and operations using direct HTTPS requests.
使用说明 (SKILL.md)
Discord Bot API Skill (Advanced)
Purpose
Provide a production-oriented guide for building Discord bot workflows via the REST API and Interactions, focusing on professional command UX, safe operations, and direct HTTPS usage (no SDKs).
Best fit
- You want command-first bot behavior and clear interaction flows.
- You prefer direct HTTP requests without a library dependency.
- You need a structured map of Discord API surfaces.
Not a fit
- You need a full SDK or gateway client implementation.
- You plan to stream large media uploads directly.
Quick orientation
- Read
references/discord-api-overview.mdfor base URL, versioning, and object map. - Read
references/discord-auth-and-tokens.mdfor token types and security boundaries. - Read
references/discord-interactions.mdfor interaction lifecycle and response patterns. - Read
references/discord-app-commands.mdfor slash, user, and message commands. - Read
references/discord-messages-components.mdfor messages, embeds, and components. - Read
references/discord-gateway-webhooks.mdfor gateway vs webhook tradeoffs. - Read
references/discord-rate-limits.mdfor throttling and header-based handling. - Read
references/discord-request-templates.mdfor HTTP payload templates. - Read
references/discord-feature-map.mdfor the full surface checklist.
Required inputs
- Bot token and application ID.
- Interaction endpoint public key (if using interaction webhooks).
- Command list and UX tone.
- Allowed intents and event scope.
Expected output
- A clear bot workflow plan, command design, and operational checklist.
Operational notes
- Prefer interactions and slash commands over prefix parsing.
- Always validate incoming interaction signatures.
- Keep payloads small and respond quickly to interactions.
Security notes
- Never log tokens or secrets.
- Use least-privilege permissions and scopes.
安全使用建议
This package is inconsistent: the README asks for bot tokens and interaction keys but the code only uses a WEBHOOK_URL and sources a local .env. Before installing or running: 1) Ask the publisher to clarify which credentials are actually required and to declare them in registry metadata. 2) Inspect any .env file you might place in the skill directory — do not reuse a file that contains unrelated secrets. 3) If you only need webhook posting, prefer supplying a dedicated webhook URL with least privileges; do not supply your Bot token unless the skill explicitly needs and documents how it will be used. 4) Run the scripts in a sandboxed environment (or review/modify them) to ensure they don't load unexpected secrets or call remote endpoints you don't control. 5) Note the metadata/manifest inconsistencies (ownerId/slug differences) and prefer skills with clear provenance. If the author cannot explain the mismatches, treat the package with caution or avoid installing it.
功能分析
Type: OpenClaw Skill
Name: discord-hub-my
Version: 1.0.2
The skill is classified as suspicious due to its use of `run.sh` to source a local `.env` file, which loads all variables into the environment, and `discord_send.sh` making an outbound network request via `curl` to a user-provided `WEBHOOK_URL`. While these capabilities are plausibly needed for the stated purpose of sending Discord messages, they represent meaningful high-risk behaviors (broad file access for configuration and arbitrary network requests) that prevent a benign classification. There is no clear evidence of intentional malicious behavior like data exfiltration of unrelated secrets or persistence.
能力评估
Purpose & Capability
The skill describes Discord Bot API workflows (bot tokens, interaction public key, application ID) and REST request templates — that purpose is plausible. However the included scripts implement only a simple webhook sender (requires WEBHOOK_URL), and the registry metadata lists no required env vars or primary credential. There is thus a mismatch between the stated capability (full bot operations using tokens) and the actual code (webhook-only).
Instruction Scope
SKILL.md instructs the agent/operator to provide bot tokens, application ID, and interaction public key and references signature verification and rate-limit handling, but the runtime files do not implement those behaviors. The run.sh sources a .env file from the skill directory (it will load any environment variables placed there). The instructions give broad guidance but do not match the code, granting the agent/operator ambiguous discretion about where/how to supply secrets.
Install Mechanism
No install spec; this is instruction-only with two small shell scripts. Nothing is downloaded or written by an installer, which minimizes install-time risk.
Credentials
Registry metadata declares no required env vars, yet SKILL.md asks for sensitive credentials (bot token, application ID, interaction public key). The actual scripts expect WEBHOOK_URL (not declared). run.sh auto-sources a local .env, which could cause accidental loading of unrelated secrets if a user drops a .env containing other credentials into the skill folder. The mismatch between declared requirements and actual env usage is a red flag.
Persistence & Privilege
always is false and there is no install; the skill does not request persistent system privileges or modify other skills. It only contains small scripts that execute when run.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install discord-hub-my - 安装完成后,直接呼叫该 Skill 的名称或使用
/discord-hub-my触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Removed 11 reference and metadata files, including SKILL.md, _meta.json, and all documentation under references/.
- The skill now contains no internal documentation or guidance files.
- Core skill description and structural information remain unchanged.
v1.0.1
Initial release with comprehensive Discord Bot API workflow resources.
- Added detailed Markdown references for API overview, authentication, commands, interactions, messages, components, gateway/webhooks, rate limits, and API request templates.
- Included shell scripts for Discord message sending and skill operation.
- Provided a structured SKILL.md for orientation and operational guidance.
- Supplied meta and reference mapping for clear organization.
v1.0.0
discord-hub-my 1.0.0 initial release
- Provides a production-oriented skill for building Discord bot workflows using only direct HTTPS requests.
- Covers Discord API features including interactions, commands, messages, and safe operations.
- Emphasizes professional command UX and security best practices.
- Includes orientation for key API references, templates, and recommended security boundaries.
- Designed for users preferring HTTP requests over full SDK or gateway implementations.
元数据
常见问题
Discord Hub My 是什么?
OpenClaw skill for Discord Bot API workflows, covering interactions, commands, messages, and operations using direct HTTPS requests. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1582 次。
如何安装 Discord Hub My?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install discord-hub-my」即可一键安装,无需额外配置。
Discord Hub My 是免费的吗?
是的,Discord Hub My 完全免费(开源免费),可自由下载、安装和使用。
Discord Hub My 支持哪些平台?
Discord Hub My 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Discord Hub My?
由 ingejanben268(@ingejanben268)开发并维护,当前版本 v1.0.2。
推荐 Skills