Maverick Slack Mcp

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Slack connector that can read and change Slack content using the user’s Slack token, with risks that match its stated purpose.

Install only if you are comfortable giving the agent the Slack access covered by the OAuth token. Review the Slack scopes, require clear confirmation before posting or editing, avoid passing unrelated sensitive data through Slack tool arguments, and revoke the Slack grant when you no longer need it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Unrestricted Tool Access

Severity: Medium
Category: Excessive Agency
Content:
The output includes the server's `Instructions:` field, if published, and a JSON Schema for every tool's parameters. Treat this as the authoritative reference for the rest of the session.

**Step 2 - Call any tool from the catalog** using the form `maverick-slack-mcp.<tool>`:

```sh
mcporter --config {baseDir}/mcporter.json call maverick-slack-mcp.<tool> <arg>=<value> ...
```

Confidence: 80%
Finding: Call any tool

Credential Access

Severity: High
Category: Privilege Escalation
Content:
This skill expects `MAVERICK_SLACK_MCP_ACCESS_TOKEN` to be set in the agent runtime environment. mcporter sends it as `Authorization: Bearer <value>` on every request.

Slack uses a long-lived, non-rotating OAuth access token when token rotation is off for the app. If calls fail with auth errors, the token is invalid, revoked, or no longer covers the requested scopes - reconnect Slack and re-set `MAVERICK_SLACK_MCP_ACCESS_TOKEN`. There is no automatic refresh; bearer tokens are static.

Reconnect Slack if the grant is revoked, the app is uninstalled from the workspace, the granting user is deactivated, or Slack scopes change and require a new grant.

Confidence: 70%
Finding: access token

VirusTotal

VirusTotal findings are pending for this skill version.
