slack-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's bridge (slack_bridge.py) and slack_skill.py explicitly read incoming Slack messages (user-generated content) and send them to Claude Code (see run_claude_code / run_claude_with_progress) for interpretation and automatic replies, allowing arbitrary third-party Slack content to influence actions and tool use.