slack-explorer

This script actively extracts Slack authentication secrets from the host (Keychain and Cookies DB), decrypts them, and uses them to obtain API tokens; it then prints these sensitive tokens to stdout. Functionally it is a credential-harvesting tool for Slack on macOS. If used by an attacker or included in a package without clear intent and user consent, it poses a serious privacy and security risk. There is no obfuscation, but the behavior is clearly invasive. Recommend not running this on systems you do not control or trust and treat any package containing this code as high-risk for credential theft.