Discord's _fetch_channel_context backfills recent channel/thread activity (from any member who can post there, not just the allowlisted user) into the agent's context with no sender-trust distinction. Slack's equivalent _fetch_thread_context was fixed to prefix non-allowlisted senders with [unverified] and add LLM guidance not to act on their content, mitigating indirect prompt injection from third parties in shared channels/threads. Port the same mechanism to Discord using the already-wired _is_sender_authorized/set_authorization_check plumbing. |
||
|---|---|---|
| .. | ||
| browser | ||
| context_engine | ||
| cron_providers | ||
| dashboard_auth | ||
| disk-cleanup | ||
| google_meet | ||
| hermes-achievements | ||
| image_gen | ||
| kanban | ||
| memory | ||
| model-providers | ||
| observability | ||
| platforms | ||
| security-guidance | ||
| spotify | ||
| teams_pipeline | ||
| video_gen | ||
| web | ||
| __init__.py | ||
| plugin_utils.py | ||