Slack Integration

Review

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Slack API instruction skill, but it requires a Slack token and can read or change workspace content, so users should limit scopes and approve sensitive actions.

Install only if you want the agent to interact with your Slack workspace. Use a least-privilege bot token, avoid unnecessary user tokens, and require confirmation before the agent sends messages, uploads files, schedules posts, or changes channels.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using this skill should treat the token as sensitive because it can post messages, read workspace information, and potentially act as a user or bot depending on the token supplied.

Why it was flagged

The skill requires a Slack OAuth token and explicitly supports both bot and user tokens, which can act within the user's or bot's Slack workspace permissions.

Skill content

metadata: {"openclaw":{"requires":{"env":["SLACK_TOKEN"]}}} ... Works with bot tokens or user tokens.

Recommendation

Use a dedicated bot token where possible, grant only the minimum Slack scopes needed, avoid broad user tokens unless necessary, and rotate the token if it is exposed.

What this means

Incorrect or over-autonomous use could send messages to the wrong channel, upload the wrong file, create unwanted channels, or change Slack content visible to teammates.

Why it was flagged

The skill documents direct Slack API calls that can create or modify workspace-visible content, channels, files, scheduled messages, and reactions.

Skill content

curl -s -X POST https://slack.com/api/chat.postMessage ... chat.scheduleMessage ... chat.update ... conversations.create ... files.remote.add ... reactions.add

Recommendation

Require clear user confirmation for posting, scheduling, uploading, channel creation, or message updates, especially in shared or production workspaces.

What this means

The agent may see sensitive Slack content, and untrusted messages could influence later responses if treated as authoritative.

Why it was flagged

The skill can retrieve Slack message text into the agent's working context. Slack messages may contain private information or untrusted instructions.

Skill content

Channel history (recent messages) ... conversations.history?channel=C0123ABCDEF&limit=10 ... jq '.messages[] | {ts, text, user}'

Recommendation

Only retrieve channel history when needed, limit the channel and time range, and treat Slack message text as untrusted content rather than instructions.