slack
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official Membrane CLI tool from the vendor's scoped npm registry (
@membranehq/cli). - [COMMAND_EXECUTION]: Employs the Membrane CLI (
membrane) for connection management and action execution. - [CREDENTIALS_UNSAFE]: Follows security best practices by utilizing a managed authentication flow and explicitly instructing against the use of hardcoded API keys or tokens.
- [DATA_EXFILTRATION]: Provides capabilities to interact with Slack data including messages, files, and user records. This data access is restricted to the user's own authenticated workspace and is the primary intended function of the skill.
- [PROMPT_INJECTION]: As an integration that processes communication data (Slack messages), there is an inherent surface for indirect prompt injection from external messages. The skill mitigates this by using structured actions and server-side logic rather than direct interpolation into agent prompts.
Audit Metadata