← Back to Skills Marketplace
Slack Thread Export
by
DongHun Ha
· GitHub ↗
· v0.2.0
· MIT-0
322
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install slack-thread-export
Description
Export Slack thread messages from a logged-in Slack web tab into CSV using an attached Chrome Browser Relay tab. Use when the user wants to collect Slack con...
Usage Guidance
This skill legitimately needs to run inside a logged-in Slack browser tab and reads the Slack web client's localStorage to get the in-page token before issuing in-page fetch calls — that is how it works, but it also means the skill can access sensitive session state. Before installing or running: (1) Review the provided Python scripts and SKILL.md (you already have them) to confirm no unexpected network calls or hidden exfiltration; (2) only attach a browser tab you trust and avoid attaching tabs containing unrelated accounts or highly sensitive sessions; (3) prefer small, narrow exports (channel/date whitelist and --preflight) to reduce risk of accidental broad data export; (4) ensure the 'openclaw' binary used by the scripts is trusted on your system; (5) if you have low tolerance for exposing in-page tokens to third-party code, do not use this skill — instead use an admin API or a vetted tool that uses scoped tokens. The behavior is coherent with the stated purpose, but reading page-local tokens is sensitive, so proceed only if you trust the skill and environment.
Capability Analysis
Type: OpenClaw Skill
Name: slack-thread-export
Version: 0.2.0
The skill automates the extraction of Slack messages and internal 'xoxc' tokens from a logged-in browser session by executing JavaScript in the page context via 'openclaw browser evaluate' in scripts/export_slack_threads.py. While the stated goal in SKILL.md is data export for the user, the programmatic access to private communications and internal session tokens represents a high-risk capability. No evidence of external data exfiltration was found, but the mechanism of piggybacking on active browser sessions to query internal APIs is a technique often associated with session data theft.
Capability Assessment
Purpose & Capability
Name/description match what the files do: the skill attaches to an already logged-in Slack web tab via Browser Relay, reads browser-local state (localConfig_v2), and performs in-page fetch('/api/search.messages') to page through search results and write JSONL/CSV. The included Python scripts orchestrate the page evaluations and local file output — all coherent with exporting thread messages from a logged-in browser session.
Instruction Scope
SKILL.md explicitly instructs the agent to read localStorage.localConfig_v2 and to run fetch('/api/search.messages') inside the page context so requests inherit session cookies and tokens. This is necessary for the stated approach (browser-context export) but is sensitive: the skill has access to the Slack web client's in-page token and could read any page-local data. The included code uses page-evaluate calls only and writes output locally; it does not themselves transmit data to external endpoints.
Install Mechanism
No install spec; this is instruction + local Python scripts. No downloads or external install URLs are used. The scripts call a local 'openclaw' CLI via subprocess to evaluate JS in the attached browser — reasonable for the documented browser-relay workflow.
Credentials
The skill requests no environment variables, no external credentials, and no config paths. It relies on an attached logged-in browser tab (via Browser Relay) and on the web client state for authentication; those requirements align with the stated approach. There are no unrelated credentials or network endpoints requested by the code.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify other skills or system-wide configuration. It runs as a local script and writes CSV/JSONL output files; its privileges are limited to the running agent and the attached browser session.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install slack-thread-export - After installation, invoke the skill by name or use
/slack-thread-export - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.0
Add resumable exports, failed-channel retry helper, preflight estimation, mode selection, operational guidance, and validation notes for Browser Relay-based Slack thread export.
Metadata
Frequently Asked Questions
What is Slack Thread Export?
Export Slack thread messages from a logged-in Slack web tab into CSV using an attached Chrome Browser Relay tab. Use when the user wants to collect Slack con... It is an AI Agent Skill for Claude Code / OpenClaw, with 322 downloads so far.
How do I install Slack Thread Export?
Run "/install slack-thread-export" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Slack Thread Export free?
Yes, Slack Thread Export is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Slack Thread Export support?
Slack Thread Export is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Slack Thread Export?
It is built and maintained by DongHun Ha (@devdha); the current version is v0.2.0.
More Skills