slack
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection attack surface.
- Ingestion points: Untrusted content is ingested via the 'readMessages' and 'reactions' actions (SKILL.md).
- Boundary markers: There are no delimiters or instructions to ignore commands within the fetched content.
- Capability inventory: The agent has extensive write capabilities including 'sendMessage', 'editMessage', and 'deleteMessage' (SKILL.md).
- Sanitization: No sanitization or validation of the retrieved Slack content is specified.
Audit Metadata