slack
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill contains multiple instructions to execute remote scripts via
curl -sSL [URL] | bash(specificallyhttps://canifi.com/skills/slack/install.shandhttps://canifi.com/install.sh). This is an extremely dangerous pattern that allows a non-trusted third party to execute arbitrary code on the host system without any validation or integrity checks. - EXTERNAL_DOWNLOADS (HIGH): The skill mandates downloading core components and setup utilities from
canifi.com. Since this domain is not a recognized trusted source, the authenticity and safety of these downloads cannot be verified, posing a significant supply chain risk. - COMMAND_EXECUTION (MEDIUM): The installation process involves shell commands that modify the user's home directory (
~/.canifi/skills/) and manipulate environment variables, which could be leveraged to establish persistence or exfiltrate data if the downloaded scripts are malicious. - CREDENTIALS_UNSAFE (LOW): The setup instructions encourage users to store sensitive credentials like
SERVICE_PASSWORDin a local utility calledcanifi-env. This practice increases the risk of credential exposure if the environment manager or the underlying storage is not properly secured.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/skills/slack/install.sh, https://canifi.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata