cyrus-setup-slack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly uses browser automation (claude-in-chrome / agent-browser) to navigate and interact with the public Slack site (https://api.slack.com/apps), take screenshots, select workspaces, and read page state as part of app creation and installation, which clearly ingests and acts on untrusted third‑party web content.