ce-slack-research
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data retrieved from Slack messages, which presents a surface for indirect prompt injection if messages contain malicious instructions.
- Ingestion points: Slack message content and thread history retrieved via the
ce-slack-researchertool. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when processing message content.
- Capability inventory: The skill searches, reads, and synthesizes Slack data to produce a research digest for the user.
- Sanitization: No explicit sanitization or filtering of external message content is mentioned.
Audit Metadata