slack-poster

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • Data Exposure & Exfiltration (LOW): The skill description indicates network communication with Slack (api.slack.com) to post updates. Because Slack is not on the trusted domain whitelist, this is flagged as a low-severity network operation, though no sensitive file access was detected.
  • Indirect Prompt Injection (LOW): The skill processes untrusted news headlines and stories, which is a known surface for indirect prompt injection.
      • Ingestion points: Business news stories and headlines from external sources (SKILL.md).
      • Boundary markers: None identified; there are no explicit delimiters or safety instructions telling the agent to ignore instructions embedded in the ingested data.
      • Capability inventory: The skill uses Slack API tokens to post messages and threads to specified channels.
      • Sanitization: No evidence of input validation or sanitization was found in the documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:17 PM