access

This skill provides a robust access control layer for Discord-integrated agents, allowing users to define who can interact with the bot and how. By managing permissions through local JSON state files, it enables fine-grained control over group interactions, private messaging policies, and pairing workflows. It is specifically designed for developers and power users who need to secure their Discord agent environment against unauthorized access or prompt injection. The skill ensures that only explicitly authorized users can interact with the agent, while maintaining an audit trail of access requests and policy configurations.

• Manage DM access policies including pairing, allowlisting, and complete access suspension.

• Secure Discord group interactions with configurable mention requirements and specific user allowlists.

• Handle pending pairing codes with expiration logic to prevent stale or unauthorized access attempts.

• Configure operational settings like acknowledgment reactions, text chunking, and regex-based mention patterns.

• Direct integration with local filesystem state, ensuring that configurations are easily auditable and backup-friendly.

• Always trigger access mutations via terminal command-line interface, never through automated channel messages to mitigate security risks.

• Verify pending entries manually; the system prevents auto-approval to guard against prompt injection attacks.

• Ensure the user snowflake ID and chat channel ID are distinguished accurately during configuration.

• Use the standard slash command interface for all updates to the access.json state file.