Skills
skills/elizaos/eliza/slack/Gen Agent Trust Hub

slack

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through external data ingestion.
  • Ingestion points: The readMessages action in SKILL.md allows the agent to read content from Slack channels.
  • Boundary markers: There are no specific delimiters or instructions provided to the agent to treat retrieved message content as untrusted data or to ignore embedded commands.
  • Capability inventory: The skill has the ability to write to the environment via sendMessage, editMessage, deleteMessage, and pinMessage actions.
  • Sanitization: No content filtering or sanitization logic is described for the data retrieved from Slack.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 08:01 AM