Replace "Join servers for you" permission with "Ask to join servers for you"
I am suggesting this in order to stop scams and otherwise malicious usage of the API to get people banned.
Why i think doing this would be good: It would make people a bit more aware of what bots are doing, and hopefully make more people take action against scam bots and stop themselves for unintentionally getting banned. it also forces bots to join servers when a user is active and more aware of what a bot does.
But why not just remove the permission?: Making people aware that it is happening is better than just ouright stopping things from working. There may be a few bots that use this legitimately, but Having a way to quickly report a bot without following through and getting yourself banned is better than doing absolutely nothing. and it's also better than getting your account banned for no reason whatsoever.
-
Your suggestion to enhance awareness among users about bot activities and provide a means to report suspicious bots without risking one’s own account is insightful. It’s a proactive approach that balances the need for functionality with security concerns.
Here are some steps that could be implemented to support your idea:
Transparency: Implement logging features that inform users of all actions performed by bots, especially those involving sensitive permissions.
User Education: Provide clear documentation and communication about the potential risks of bots and how to identify malicious behavior.
Reporting Mechanism: Create an easy-to-use reporting system that allows users to flag bots they suspect of malicious activities without executing any potentially harmful actions.
Permission Review: Regularly review bot permissions and ensure they only have the minimum required for their function, reducing the scope for abuse.
Audit Trails: Maintain audit trails for bot actions, so there’s a record that can be reviewed if there’s suspicion of misuse.
By implementing such measures, you can help create a safer environment where legitimate bots can operate without giving free rein to malicious ones. It’s important to strike a balance that maintains functionality while protecting users. Remember, any changes should be communicated clearly to the user base to ensure they understand the new features and how to use them effectively.
I hope my suggestion is helpful for you.
Best Regard,
Patrick Fritz
AARPMahjongg0 -
Above comment is most likely AI generated, I'm so sick of seeing these everywhere. 😔
Anyways, you won't always be at your computer to confirm whether or not you want to join a server, I assume that's likely why Discord has it setup to where you aren't asked. Though, I can imagine a string that says “Joined by <application>” below the server name would be much more insightful and helpful with sifting through what is and isn't a scam.
0 -
I was thinking it would get queued up while you are away, and you reveiw if you want to let the bot(s) join the server(s) for you once you come back, and be able to report a bot that has suspicious behaviour, for example, trying to join you into a scam server.
0
Please sign in to leave a comment.
Comments
3 comments