slack-incident-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to perform network diagnostics and interact with external integration scripts. It utilizes a structured pattern involving python3 $MCP_CALL to invoke diagnostic tools like pyATS and to update records in ServiceNow (file: SKILL.md).
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes content from Slack channels.
    • Ingestion points: The skill reads Slack channel and group history (channels:history, groups:history) to identify incident reports and track team responses.
    • Boundary markers: No explicit delimiters or instructions to ignore potential instructions within the Slack messages are defined.
    • Capability inventory: The skill can execute shell commands for diagnostics and modify ServiceNow ticketing records (file: SKILL.md).
    • Sanitization: No evidence of input validation or sanitization of data retrieved from Slack threads is present.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 06:13 AM