slack-webhook
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes bash to execute curl commands for API requests. This is a standard and documented practice for such integrations.
- [DATA_EXFILTRATION] (SAFE): It sends message payloads to the Slack API. Although this involves external network communication, it is the intended and primary function of the skill.
- [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface as it processes user-provided content for message delivery. 1. Ingestion points: User or agent-provided text used to populate the Slack message JSON. 2. Boundary markers: Absent. 3. Capability inventory: File-write access to /tmp and network POST requests via curl. 4. Sanitization: Absent; the skill relies on the calling agent to format content into valid JSON.
Audit Metadata