Slack
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Slack integration skill that uses ClawLink OAuth to read and change Slack workspace content, with confirmation instructions for writes.
Install only if you trust ClawLink with your Slack OAuth connection and are comfortable granting the listed Slack permissions. Before sending messages, changing channels, uploading or deleting files, inviting users, or performing other writes, require a preview of the exact target and effect and give explicit approval.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.