slack-messaging
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The skill downloads a pre-compiled binary from https://github.com/shaharia-lab/slackcli. This repository and organization are not part of the trusted external sources list, posing a risk of supply chain attack.
- REMOTE_CODE_EXECUTION (HIGH): Following the download, the skill instructs the user to chmod +x the binary and execute it. Running unverified binaries from the internet is a primary vector for remote code execution.
- CREDENTIALS_UNSAFE (HIGH): The skill facilitates the use of Slack session tokens (xoxd-, xoxc-). Unlike standard bot tokens, these session tokens grant the ability to impersonate the user's entire browser session and are stored in plaintext at ~/.config/slackcli/workspaces.json.
- COMMAND_EXECUTION (MEDIUM): The documentation references an internal script ./scripts/extract-tokens which is not provided in the skill package, making its behavior unverifiable and potentially dangerous.
Recommendations
- AI detected serious security threats
Audit Metadata