slack-notify

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the axios library from the NPM registry. Axios is a standard, well-known package for making HTTP requests and is considered a safe dependency.
  • [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection (Category 8) because it accepts and transmits unsanitized input (text and options) to an external Slack endpoint.
      • Ingestion points: Data enters the skill via the text and options arguments of the sendSlackMessage function in index.js.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the prompt or code.
      • Capability inventory: The skill has network capabilities (HTTP POST) via the axios library in index.js.
      • Sanitization: There is no evidence of input validation, escaping, or sanitization of the payload before it is sent to the Slack API, which could allow an attacker to manipulate message blocks or metadata if the agent processes malicious external content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 05:11 AM