slack-connect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill fetches and displays user-generated Slack content (e.g., via slack-master/scripts/channel_history.py, search_messages.py, list_files.py and list_channels.py), so the agent will ingest untrusted third-party messages/files from the workspace that could contain indirect prompt-injection.