pd-slack-triage
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The files resources/package.json, resources/pd-proxy.ts, and resources/pd-slack.ts contain only relative path strings (e.g., ../../pd-slack/resources/...) and do not contain any actual code or executable logic.- [PROMPT_INJECTION]: The skill processes untrusted data from Slack message text and metadata. This creates a surface for indirect prompt injection. Ingestion occurs through channel message retrieval, and the provided files lack visible boundary markers or sanitization logic to mitigate embedded instructions.- [SAFE]: The skill's behavior of summarizing Slack messages is consistent with its stated purpose, and no signs of unauthorized data exfiltration or suspicious network activity were detected.
Audit Metadata