slack
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution: The skill uses the Bash tool to control browser sessions via the agent-browser utility. This allows for automated navigation, clicking, and data extraction from the Slack web interface.
- External Tooling: The skill employs npx to run the agent-browser tool. This is a standard method for executing vendor-provided packages and is documented as part of the skill's operational requirements.
- Indirect Prompt Injection Surface: The skill is designed to read Slack messages and channel details. Ingestion points: Methods like snapshot and get text are used to retrieve message content. Boundary markers: There are no explicit markers defined to separate Slack content from the agent's internal instructions. Capability inventory: The agent has access to browser automation tools and the ability to save data locally. Sanitization: No specific filtering or sanitization of the retrieved Slack data is performed. This is a characteristic of skills that aggregate communication data for analysis.
Audit Metadata