recipe-slack-standup-summary
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses 'npx tsx' to execute local TypeScript scripts to interface with Slack APIs. These scripts are referenced via relative paths to a peer 'pd-slack' directory.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted Slack messages and thread data which could contain adversarial instructions. Ingestion points: Slack channel activity and thread content fetched via 'pd-slack.ts' in 'SKILL.md'. Boundary markers: None identified. Capability inventory: Execution of local scripts via 'npx tsx'. Sanitization: No specific content sanitization or filtering is described.
Audit Metadata