slack
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external Slack channels and possesses capabilities to interact with those channels.\n
- Ingestion points: External content is ingested through the
readMessages,reactions, andlistPinsactions defined inSKILL.md.\n - Boundary markers: No specific boundary markers or instructions to disregard potential commands within the ingested data were found.\n
- Capability inventory: The skill possesses significant capabilities including
sendMessage,editMessage,deleteMessage,pinMessage,unpinMessage, andreact.\n - Sanitization: No explicit evidence of sanitization or validation of the ingested Slack content is provided in the skill files.
Audit Metadata