egghead-slack
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill indexes and processes data from Slack channels, DMs, and files, which are sources of untrusted external content.
- Ingestion points: The skill relies on Slack API endpoints such as `conversations.history` and `search.messages` to ingest content.
- Boundary markers: The skill documentation lacks explicit boundary markers or instructions for the agent to ignore potentially malicious commands embedded in indexed messages.
- Capability inventory: The skill allows the agent to send messages (`chat:postMessage`) and upload files using bot and user tokens, which could be exploited if the agent obeys instructions from ingested Slack data.
- Sanitization: No sanitization or content validation logic is specified for the data entering the intelligence pipeline.
Audit Metadata