slack-master

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill clearly reads user-generated Slack content (e.g., conversations.history via scripts/channel_history.py and search.messages via scripts/search_messages.py, as well as files.list/search_files.py) so the agent will ingest third-party workspace messages/files that could carry indirect prompt-injection instructions.