slack-block-kit
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely composed of documentation files (Markdown) and JSON payload examples. No security vulnerabilities were identified in the instructional content.
- [NO_CODE]: There are no executable scripts (Python, JavaScript, or Shell) included in the skill files, significantly reducing the attack surface.
- [EXTERNAL_DOWNLOADS]: All external URLs provided in the documentation and examples point to official Slack developer resources (docs.slack.dev, slack.com) or well-known placeholder domains (example.com). No downloads from untrusted sources were detected.
- [PROMPT_INJECTION]: The skill does not contain any instructions attempting to bypass agent safety filters or override system behavior. The provided instructions focus solely on guiding the agent to correctly format Slack API payloads.
- [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns were found. Placeholders used in examples are generic (e.g., 'YOUR_API_KEY_HERE', 'U0123ABC').
Audit Metadata