ClawHub

Slack

v1.0.8

Slack API integration with managed OAuth. Send messages, manage channels, search conversations, and interact with Slack workspaces. Use this skill when users...

7· 5.7k·6 current·7 all-time
by@byungkyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Slack API integration, managed OAuth) align with the instructions which call Maton-managed endpoints (gateway.maton.ai / ctrl.maton.ai) and require a single MATON_API_KEY. No unrelated env vars or binaries are requested.
Instruction Scope
Instructions are limited to making HTTP requests to Maton endpoints to manage Slack connections and call Slack API methods via the gateway. They do not instruct reading files or other environment variables. Note: this design means Maton (the gateway) will see OAuth tokens and proxied Slack payloads — a privacy/trust consideration rather than an incoherence.
Install Mechanism
Instruction-only skill; no install/spec that writes code or downloads artifacts. Lowest-risk install mechanism.
Credentials
Only one environment variable (MATON_API_KEY) is required, which is proportionate for a managed-gateway OAuth integration. This key grants Maton access to proxy Slack API calls, so it is a high-value secret and should be treated accordingly.
Persistence & Privilege
always is false and the skill does not request persistent system-level privileges or config writes. Model invocation is allowed (normal); no combined high-privilege flags present.
Assessment
This skill appears to be what it claims: a Slack integration that routes API calls through Maton's gateway. Before installing, confirm you trust maton.ai (the gateway operator) because the MATON_API_KEY and the OAuth connections will allow Maton to see and act on Slack data. Use least-privilege API keys, verify Maton's privacy/security practices, avoid using long-lived high-privilege tokens if possible, and monitor/rotate the MATON_API_KEY and Slack OAuth tokens. If you prefer not to give a third party proxy access to your Slack workspace, consider a skill that talks to Slack directly or manages OAuth under your control.

Like a lobster shell, security has layers — review code before you run it.

latestvk97et6drcgw1pyj2z5k4k7gb4d82c0r5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvMATON_API_KEY

Comments