Back to plugin

Security audit

Slack Block Kit Bridge

Security checks across malware telemetry and agentic risk

Overview

The plugin matches its Slack-card purpose, but it asks users to grant broad no-prompt OpenClaw CLI execution and can post broadly to Slack unless channel limits are explicitly configured.

Install only if you are comfortable letting an agent send and update Slack messages. Before enabling live delivery, set allowChannels to specific channel IDs, protect the Slack bot token, avoid broad no-prompt CLI execution if possible, and do not place secrets in card text or metadata.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

Detected: suspicious.potential_exfiltration

Sensitive-looking file read is paired with a network send.

Warn
Code
suspicious.potential_exfiltration
Location
dist/src/slack-api.js:112
Evidence
const raw = await fs.readFile(config.tokenFile, "utf8");