slack
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via npm to facilitate communication with the Slack API. This is a vendor-owned resource for the 'membranedev' author. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to execute various integration tasks, includingmembrane action runandmembrane request. These are the primary mechanisms for the skill's functionality. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data originating from Slack conversations.
- Ingestion points: Data is ingested through actions like
get-conversation-history,list-conversations, andsearch-messagesinSKILL.md. - Boundary markers: None detected; external message content is processed directly.
- Capability inventory: The skill has the ability to post messages, delete files, and make arbitrary API requests via the
membrane requestcommand. - Sanitization: No explicit sanitization or validation of the retrieved message content is documented.
Audit Metadata