Slack Actions
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a clearly disclosed Slack bot-control skill, but users should notice that it can change Slack content and requires a bot token even though the registry metadata does not declare one.
Install only if you trust this skill to act as your Slack bot. Use a dedicated bot token with the narrowest Slack scopes and channel access possible, confirm message targets before mutations, and avoid granting access to sensitive channels unless needed.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The bot could post, modify, delete, pin, or read Slack content within the permissions granted to it.
These Slack operations are central to the stated purpose, but they can alter or expose workspace communication if invoked with the wrong channel, message ID, or content.
- Send, edit, and delete messages
- Add and list reactions
- Pin and unpin messages
- Read recent channel history
Use a dedicated Slack app with least-privilege scopes, verify channel and message IDs, and require explicit confirmation for any edit, delete, pin, unpin, or broad-channel post.
Anyone using this skill through the agent may cause actions to be performed as the configured Slack bot.
The Slack bot token is expected for the integration, but it gives delegated workspace authority; the registry metadata also does not declare the required credential.
This skill requires a Slack Bot User OAuth token... SLACK_BOT_TOKEN... The token must include the following OAuth scopes: chat:write, channels:read, channels:history, reactions:write, pins:write, users:read, emoji:read
Store the token only in the environment, rotate it periodically, restrict the bot to only necessary channels and scopes, and treat the missing registry credential declaration as an install-time visibility gap.
