agent-slackbot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests user-generated Slack messages (e.g., agent-slackbot message list used in templates/monitor-channel.sh and Common Patterns "Monitor Channel for New Messages") and the examples show the agent parsing message text and taking actions (responding, sending messages), so untrusted workspace messages can materially influence tool use and behavior.