slack-webhook
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'curl' utility to send HTTP POST requests to Slack's Incoming Webhook service. This is the primary function of the skill and is documented with security considerations.
- [EXTERNAL_DOWNLOADS]: The skill references official Slack API domains (hooks.slack.com, api.slack.com) and documentation. These are well-known services and the interactions are documented neutrally as standard functionality.
- [DATA_EXFILTRATION]: Data (user messages) is sent to an external Slack channel. The skill recommends using environment variables for the Webhook URL to prevent accidental exposure of credentials.
- [PROMPT_INJECTION]: A potential surface for indirect injection exists where user-supplied content is formatted into a JSON payload for Slack. The skill provides specific mitigation by recommending shell heredocs (<< 'EOF') to prevent shell character expansion.
  1. Ingestion points: User-provided text for Slack messages as described in the usage examples.
  2. Boundary markers: The skill suggests using shell heredoc delimiters to safely wrap content.
  3. Capability inventory: Use of 'curl' for network requests and file writing to /tmp.
  4. Sanitization: Provides explicit guidance on escaping shell characters like '!' to prevent command execution issues.
Audit Metadata