slack-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and processes user-generated Slack workspace content via Slack API calls (e.g., conversations.history, search.messages, conversations.replies) so it ingests untrusted third-party messages that could contain indirect prompt injection.