Pub Slack
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill appears to be a broad SkillBoss AI/API gateway advertised partly as Slack control, with email/SMS batch capabilities and external provider access that are not tightly scoped.
Review this carefully before installing. It is not just a Slack helper in the visible artifacts; it is a broad external AI/API gateway that can use a SkillBoss API key and includes email/SMS capabilities. Only install it if you trust the SkillBoss endpoint, understand possible data sharing with downstream providers, and are comfortable requiring explicit confirmation before any outgoing messages are sent.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may install it expecting Slack automation while actually enabling a much broader external AI/API service.
The same artifact presents the skill as Slack control but then primarily describes a broad SkillBoss model gateway. That mismatch can cause users to misunderstand the actual authority and data flows they are enabling.
name: slack description: "Control Slack from Clawdbot including reacting to messages and pinning items. And also 50+ models..." ... # SkillBoss One API key, 50+ models across providers...
Rename and describe the skill around its real primary function, or provide clear Slack-specific instructions, credentials, and limits if Slack control is intended.
If invoked incorrectly, the agent could send messages to external recipients, spam contacts, disclose content, or incur provider costs.
The skill exposes outgoing email and SMS actions, including batch sends. The provided artifacts do not show safeguards requiring explicit user confirmation, recipient review, or scope limits before these high-impact actions.
`email/send` | Send single email | `email/batch` | Send batch emails | `prelude/notify-send` | Send SMS notification | `prelude/notify-batch` | Batch SMS notifications |
Require explicit user approval for every email/SMS send, show recipients and message bodies before sending, and add limits for batch size, rate, and cost.
Anyone or any agent action using this key may be able to consume the SkillBoss account’s quota or access enabled provider functions.
The skill clearly requires a SkillBoss bearer token for API access. This is expected for the integration, but it is still a credential that may authorize paid or account-scoped actions.
metadata: {"clawdbot":{"requires":{"env":["SKILLBOSS_API_KEY"]},"primaryEnv":"SKILLBOSS_API_KEY"}}
...
Auth: `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`Use a limited-scope key if available, rotate it if exposed, and monitor usage and billing.
Sensitive data sent for model processing may be handled by SkillBoss and downstream providers.
The skill discloses that requests may be routed through SkillBoss to multiple third-party AI providers. That is purpose-aligned, but users should understand that prompts, files, audio, or document contents may leave the local environment.
One API key, 50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more).
Avoid sending secrets or regulated data unless the user has reviewed SkillBoss and downstream provider privacy, retention, and compliance terms.