slack-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to search and read Slack messages (e.g., "slack_search_public", "slack_search_public_and_private", and using "slack_read_thread"/"slack_read_channel" in SKILL.md), which ingests user-generated/untrusted Slack content that the agent is expected to interpret and can materially influence its actions.