← Back to Skills Marketplace
therohitdas

Slk

by Rohit Das · GitHub ↗ · v0.1.7
darwin ⚠ suspicious
2867
Downloads
2
Stars
8
Active Installs
5
Versions
Install in OpenClaw
/install slack-personal
Description
Read, send, search, and manage Slack messages and DMs via the slk CLI. Use when the user asks to check Slack, read channels or DMs, send Slack messages, search Slack, check unreads, manage drafts, view saved items, or interact with Slack workspace. Also use for heartbeat Slack checks. Triggers on "check slack", "any slack messages", "send on slack", "slack unreads", "search slack", "slack threads", "draft on slack", "read slack dms", "message on slack".
Usage Guidance
This package is functionally what it says: a macOS Slack CLI that auto-extracts your session token from the Slack desktop app (Keychain + cookies + LevelDB) and then acts with your user privileges. Before installing: - Understand the sensitivity: the tool extracts session tokens that let it act as you (xoxc- tokens). That is required for its design, but it is powerful — any message-sending or reading capabilities are performed as your user. - Expect macOS prompts: on first run macOS will prompt Keychain access for 'Slack Safe Storage'. Choosing 'Always Allow' makes future extractions silent; prefer 'Allow' if you want visibility into each access. - Check system dependencies: the code invokes security, sqlite3, openssl, python3 and curl. Confirm these binaries are present and trustworthy on your machine. The skill metadata only lists the slk binary, so the package omission is a packaging issue. - Validate the npm package & author: inspect the package contents, README, and the npm/github project (verify repository and publisher) before installing; if you need organizational approval, get it first. - Consider alternatives: use an official Slack bot token or OAuth app with limited scopes if you want agent access with auditable, revocable credentials rather than extracting your user session. Given the sensitive operations and the mismatch between declared and actually-required system tools, treat this as suspicious until you verify the package source and are comfortable with session-token extraction.
Capability Analysis
Type: OpenClaw Skill Name: slack-personal Version: 0.1.7 The skill is classified as suspicious due to its transparent but high-risk method of extracting Slack session credentials (xoxc- token and xoxd- cookie) from the macOS Keychain, Slack's LevelDB, and SQLite databases. This involves executing system commands like `security`, `sqlite3`, `openssl`, `python3`, and `curl` via `child_process.execSync` and `child_process.spawnSync` in `src/auth.js`. While the code's intent is to enable a legitimate Slack CLI for the local user and it explicitly warns about the security implications of 'Always Allow' for Keychain access in `README.md` and `SKILL.md`, the powerful system interactions for credential access represent a significant attack surface and potential vulnerability if the tool were compromised or misused. There is no evidence of intentional data exfiltration to unauthorized endpoints, persistence mechanisms, or malicious prompt injection against the AI agent in the documentation.
Capability Assessment
Purpose & Capability
Name/description (Slack CLI to read/send/search Slack as the user) aligns with the code and runtime behavior: the package auto-extracts session tokens from Slack desktop app and calls Slack API endpoints to read/send messages, manage drafts, search, etc.
Instruction Scope
SKILL.md instructs agents to use the slk CLI for reads, sends, searches and heartbeat checks. The instructions are explicit about the tool extracting session tokens from Keychain/LevelDB and about token caching. The skill grants an agent discretion to run recurring 'heartbeat' checks (unread monitoring) which will repeatedly read user messages — this is expected for an agent-facing Slack CLI but is sensitive and worth explicitly consenting to.
Install Mechanism
Install is via the npm package 'slkcli' (registry), which is a normal package-based install; no arbitrary URL downloads or archive extraction are used. Source files are included in the package manifest, not fetched from a personal server.
Credentials
The skill requests no environment variables, which is coherent, but the runtime code invokes several system utilities (macOS 'security', 'sqlite3' via sqlite3 CLI, 'openssl', 'python3', and 'curl') to extract/decrypt cookies and validate tokens. The skill metadata only declares the 'slk' binary as required, so the additional required system tools are not explicitly listed — this mismatch is a packaging/manifest omission. Also, the code reads Keychain, Slack cookie DB, and LevelDB (user session credentials). Those accesses are necessary for the stated session-based auth behavior but are highly sensitive (they extract session tokens that act as your user).
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It caches tokens to ~/.local/slk/token-cache.json (expected). It spawns helper processes and writes temporary files during decryption but generally cleans them up; token cache is local to the user.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install slack-personal
  3. After installation, invoke the skill by name or use /slack-personal
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.7
- Added user-invocable property to the skill manifest. - Updated metadata field provider from "moltbot" to "openclaw".
v0.1.6
Add DM support (slk dms, slk read @username), date range filter (--from/--to), thread auto-expansion (--threads)
v0.1.4
Expanded triggers and improved documentation for usage and workflow examples. - Added "slack threads" and "draft on slack" to the list of skill triggers for greater coverage. - Enhanced the SKILL.md with more detailed explanations, including sample workflows and thread reading instructions. - Improved usage instructions for authentication and clarified macOS Keychain prompts. - Extended examples for common agent workflows, such as unread checks, digest creation, and draft management. - Updated limitations and troubleshooting guidance. - No code changes; documentation and usage improvements only.
v0.1.3
- Initial public release as slack-personal (previously "slk"), now with metadata and improved skill description. - Added automatic triggers for common Slack-related phrases (e.g., "check slack", "send on slack"). - Published on npm with install, platform, and binary requirements specified for easier setup. - Documentation updated for clarity, with concise instructions for authentication, usage, and troubleshooting. - Maintains full support for reading, sending, searching, and managing Slack messages via slk CLI on macOS.
v0.1.2
slk v0.1.2 — CLI for Slack messaging and management on macOS via the running Slack desktop app. - Adds detailed command documentation for reading, searching, and sending Slack messages from the CLI. - Introduces heartbeat and draft management features with step-by-step usage notes. - Outlines secure, auto-authenticated session flow leveraging macOS Keychain and Slack desktop app data. - Notes limitations: macOS and Slack app required, some draft limitations, and session expiry behavior. - Clarifies workflow for managing unreads, saved items, pins, VIPs, and app authentication troubleshooting.
Metadata
Slug slack-personal
Version 0.1.7
License
All-time Installs 8
Active Installs 8
Total Versions 5
Frequently Asked Questions

What is Slk?

Read, send, search, and manage Slack messages and DMs via the slk CLI. Use when the user asks to check Slack, read channels or DMs, send Slack messages, search Slack, check unreads, manage drafts, view saved items, or interact with Slack workspace. Also use for heartbeat Slack checks. Triggers on "check slack", "any slack messages", "send on slack", "slack unreads", "search slack", "slack threads", "draft on slack", "read slack dms", "message on slack". It is an AI Agent Skill for Claude Code / OpenClaw, with 2867 downloads so far.

How do I install Slk?

Run "/install slack-personal" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Slk free?

Yes, Slk is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Slk support?

Slk is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin).

Who created Slk?

It is built and maintained by Rohit Das (@therohitdas); the current version is v0.1.7.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments