slack
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines routine operations for Slack interaction, such as sending, editing, and deleting messages, as well as managing pins and reactions. It utilizes environment-configured tokens rather than hardcoded credentials.- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from Slack messages, which presents an inherent surface for indirect prompt injection.
- Ingestion points: The
readMessagesaction allows the agent to ingest arbitrary content from Slack channels. - Boundary markers: No explicit markers or delimiters are defined in the skill documentation to isolate message content.
- Capability inventory: The skill possesses write capabilities including
sendMessage,editMessage,deleteMessage, andpinMessage. - Sanitization: No sanitization or filtering logic is present within the skill definition; security depends on the underlying agent framework's handling of tool outputs.
Audit Metadata