slack-message-composer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The file templates/slack_template.md is a static documentation template and contains no scripts, commands, or network operations.
- [PROMPT_INJECTION] (LOW): The template defines an indirect prompt injection surface.
  1. Ingestion points: Data from the agent context is interpolated into multiple placeholders like [BODY_SECTION_1] and [MESSAGE_PURPOSE].
  2. Boundary markers: Absent; the template uses simple square brackets that provide no isolation for untrusted content.
  3. Capability inventory: The instructions direct the agent to perform a file-write operation to the /claudedocs/ directory.
  4. Sanitization: No input validation or sanitization requirements are defined in the template usage instructions.