// SCAN REPORT

Slack

143 tools. 71 can modify or destroy data without limits.

16 destructive tools with no built-in limits. Policy required.

Last updated:

71 can modify or destroy data
72 read-only
143 tools total
// TOOL MAP
Read (72) Write / Execute (55) Destructive / Financial (16)
// WHAT CAN GO WRONG

Destructive tools (SLACK_CLEAR_STATUS, SLACK_CUSTOMIZE_URL_UNFURL, SLACK_DELETE_A_COMMENT_ON_A_FILE) permanently delete resources. There is no undo. An agent calling these in a retry loop causes irreversible damage.

Write operations (SLACK_ACTIVATE_OR_MODIFY_DO_NOT_DISTURB_DURATION, SLACK_ADD_A_CUSTOM_EMOJI_TO_A_SLACK_TEAM, SLACK_ADD_A_REMOTE_FILE_FROM_A_SERVICE) modify state. Without rate limits, an agent can make hundreds of changes in seconds — faster than any human can review or revert.

Execute tools (SLACK_REGISTERS_A_NEW_CALL_WITH_PARTICIPANTS, SLACK_REGISTERS_NEW_CALL_PARTICIPANTS, SLACK_START_CALL) trigger processes with side effects. Builds, notifications, workflows — all fired without throttling.

One command. Full control.

Intercept sits between your agent and Slack. Every tool call checked against your policy before it executes — so your agent can do its job without breaking things.

npx -y @policylayer/intercept scan -- npx -y @modelcontextprotocol/server-slack
Scans every tool. Generates a policy. Starts enforcing.
Works with Claude Code · Cursor · Claude Desktop · Windsurf · any MCP client
// RECOMMENDED RULES
Deny destructive operations
SLACK_CLEAR_STATUS:
  rules:
    - action: deny

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
SLACK_ACTIVATE_OR_MODIFY_DO_NOT_DISTURB_DURATION:
  rules:
    - rate_limit: 30/hour

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
Returns:
  rules:
    - rate_limit: 60/minute

Controls API costs and prevents retry loops from exhausting upstream rate limits.

// ALL 143 SLACK TOOLS
DESTRUCTIVE 16 tools
Destructive SLACK_CLEAR_STATUS Destructive SLACK_CUSTOMIZE_URL_UNFURL Destructive SLACK_DELETE_A_COMMENT_ON_A_FILE Destructive SLACK_DELETE_A_FILE_BY_ID Destructive SLACK_DELETE_A_PUBLIC_OR_PRIVATE_CHANNEL Destructive SLACK_DELETE_A_SCHEDULED_MESSAGE_IN_A_CHAT Destructive SLACK_DELETE_A_SLACK_REMINDER Destructive SLACK_DELETE_CANVAS Destructive SLACK_DELETE_USER_PROFILE_PHOTO Destructive SLACK_DISABLE_AN_EXISTING_SLACK_USER_GROUP Destructive SLACK_REMOVE_A_REMOTE_FILE Destructive SLACK_REMOVE_A_STAR_FROM_AN_ITEM Destructive SLACK_REMOVE_A_USER_FROM_A_CONVERSATION Destructive SLACK_REMOVE_CALL_PARTICIPANTS Destructive SLACK_REMOVE_REACTION_FROM_ITEM Destructive SLACK_REVOKE_PUBLIC_SHARING_ACCESS_FOR_A_FILE
EXECUTE 4 tools
Execute SLACK_REGISTERS_A_NEW_CALL_WITH_PARTICIPANTS Execute SLACK_REGISTERS_NEW_CALL_PARTICIPANTS Execute SLACK_START_CALL Execute SLACK_START_REAL_TIME_MESSAGING_SESSION
WRITE 51 tools
Write SLACK_ACTIVATE_OR_MODIFY_DO_NOT_DISTURB_DURATION Write SLACK_ADD_A_CUSTOM_EMOJI_TO_A_SLACK_TEAM Write SLACK_ADD_A_REMOTE_FILE_FROM_A_SERVICE Write SLACK_ADD_A_STAR_TO_AN_ITEM Write SLACK_ADD_AN_EMOJI_ALIAS_IN_SLACK Write SLACK_ADD_CALL_PARTICIPANTS Write SLACK_ADD_EMOJI Write SLACK_ADD_REACTION_TO_AN_ITEM Write SLACK_ARCHIVE_A_PUBLIC_OR_PRIVATE_CHANNEL Write SLACK_ARCHIVE_A_SLACK_CONVERSATION Write SLACK_CHAT_POST_MESSAGE Write SLACK_CLOSE_DM_OR_MULTI_PERSON_DM Write SLACK_CREATE_A_REMINDER Write SLACK_CREATE_A_SLACK_USER_GROUP Write SLACK_CREATE_CANVAS Write SLACK_CREATE_CHANNEL Write SLACK_CREATE_CHANNEL_BASED_CONVERSATION Write SLACK_EDIT_CANVAS Write SLACK_ENABLE_A_SPECIFIED_USER_GROUP Write SLACK_ENABLE_PUBLIC_SHARING_OF_A_FILE Write SLACK_END_A_CALL_WITH_DURATION_AND_ID Write SLACK_INVITE_USER_TO_CHANNEL Write SLACK_INVITE_USER_TO_WORKSPACE Write SLACK_INVITE_USER_TO_WORKSPACE_WITH_OPTIONAL_CHANNEL_INVITES Write SLACK_INVITE_USERS_TO_A_SLACK_CHANNEL Write SLACK_MANUALLY_SET_USER_PRESENCE Write SLACK_MARK_REMINDER_AS_COMPLETE Write SLACK_OPEN_DM Write SLACK_OPEN_OR_RESUME_DIRECT_OR_MULTI_PERSON_MESSAGES Write SLACK_REGISTER_CALL_PARTICIPANTS_REMOVAL Write SLACK_RENAME_A_CONVERSATION Write SLACK_RENAME_A_SLACK_CHANNEL Write SLACK_RENAME_AN_EMOJI Write SLACK_SCHEDULE_MESSAGE Write SLACK_SEND_EPHEMERAL_MESSAGE Write SLACK_SEND_MESSAGE Write SLACK_SET_A_CONVERSATION_S_PURPOSE Write SLACK_SET_DND_DURATION Write SLACK_SET_PROFILE_PHOTO Write SLACK_SET_READ_CURSOR_IN_A_CONVERSATION Write SLACK_SET_SLACK_USER_PROFILE_INFORMATION Write SLACK_SET_STATUS Write SLACK_SET_THE_TOPIC_OF_A_CONVERSATION Write SLACK_SET_USER_PROFILE_PHOTO_WITH_CROPPING_OPTIONS Write SLACK_UNARCHIVE_A_PUBLIC_OR_PRIVATE_CHANNEL Write SLACK_UNARCHIVE_CHANNEL Write SLACK_UPDATE_AN_EXISTING_SLACK_USER_GROUP Write SLACK_UPDATE_SLACK_CALL_INFORMATION Write SLACK_UPDATE_USER_GROUP_MEMBERS Write SLACK_UPDATES_AN_EXISTING_REMOTE_FILE Write SLACK_UPLOAD_OR_CREATE_A_FILE_IN_SLACK
READ 72 tools
Read Returns Read SLACK_CUSTOMIZE_URL_UNFURLING_IN_MESSAGES Read SLACK_DELETES_A_MESSAGE_FROM_A_CHAT Read SLACK_END_SNOOZE Read SLACK_END_USER_DO_NOT_DISTURB_SESSION Read SLACK_END_USER_SNOOZE_MODE_IMMEDIATELY Read SLACK_FETCH_BOT_USER_INFORMATION Read SLACK_FETCH_CONVERSATION_HISTORY Read SLACK_FETCH_CURRENT_TEAM_INFO_WITH_OPTIONAL_TEAM_SCOPE Read SLACK_FETCH_DND_STATUS_FOR_MULTIPLE_TEAM_MEMBERS Read SLACK_FETCH_ITEM_REACTIONS Read SLACK_FETCH_MESSAGE_THREAD_FROM_A_CONVERSATION Read SLACK_FETCH_TEAM_INFO Read SLACK_FETCH_WORKSPACE_SETTINGS_INFORMATION Read SLACK_FIND_CHANNELS Read SLACK_FIND_USER_BY_EMAIL_ADDRESS Read SLACK_FIND_USERS Read SLACK_GET_CANVAS Read SLACK_GET_CHANNEL_CONVERSATION_PREFERENCES Read SLACK_GET_REMINDER_INFORMATION Read SLACK_GET_REMOTE_FILE Read SLACK_GET_TEAM_DND_STATUS Read SLACK_GET_USER_PRESENCE_INFO Read SLACK_INITIATES_CHANNEL_BASED_CONVERSATIONS Read SLACK_JOIN_AN_EXISTING_CONVERSATION Read SLACK_LEAVE_A_CONVERSATION Read SLACK_LIST_ACCESSIBLE_CONVERSATIONS_FOR_A_USER Read SLACK_LIST_ALL_CHANNELS Read SLACK_LIST_ALL_SLACK_TEAM_CHANNELS_WITH_VARIOUS_FILTERS Read SLACK_LIST_ALL_SLACK_TEAM_USERS_WITH_PAGINATION Read SLACK_LIST_ALL_USERS Read SLACK_LIST_ALL_USERS_IN_A_USER_GROUP Read SLACK_LIST_CANVASES Read SLACK_LIST_CONVERSATIONS Read SLACK_LIST_FILES_WITH_FILTERS_IN_SLACK Read SLACK_LIST_REMINDERS Read SLACK_LIST_REMOTE_FILES Read SLACK_LIST_SCHEDULED_MESSAGES Read SLACK_LIST_SCHEDULED_MESSAGES_IN_A_CHANNEL Read SLACK_LIST_SLACK_S_REMOTE_FILES_WITH_FILTERS Read SLACK_LIST_STARRED_ITEMS Read SLACK_LIST_TEAM_CUSTOM_EMOJIS Read SLACK_LIST_USER_GROUPS_FOR_TEAM_WITH_OPTIONS Read SLACK_LIST_USER_REACTIONS Read SLACK_LIST_USER_REMINDERS_WITH_DETAILS Read SLACK_LIST_WORKSPACE_USERS Read SLACK_LISTS_PINNED_ITEMS_IN_A_CHANNEL Read SLACK_LISTS_USER_S_STARRED_ITEMS_WITH_PAGINATION Read SLACK_LOOKUP_CANVAS_SECTIONS Read SLACK_PINS_AN_ITEM_TO_A_CHANNEL Read SLACK_RETRIEVE_A_USER_S_IDENTITY_DETAILS Read SLACK_RETRIEVE_CALL_INFORMATION Read SLACK_RETRIEVE_CONVERSATION_INFORMATION Read SLACK_RETRIEVE_CONVERSATION_MEMBERS_LIST Read SLACK_RETRIEVE_CURRENT_USER_DND_STATUS Read SLACK_RETRIEVE_DETAILED_INFORMATION_ABOUT_A_FILE Read SLACK_RETRIEVE_DETAILED_USER_INFORMATION Read SLACK_RETRIEVE_MESSAGE_PERMALINK_URL Read SLACK_RETRIEVE_REMOTE_FILE_INFO_IN_SLACK Read SLACK_RETRIEVE_TEAM_PROFILE_DETAILS Read SLACK_RETRIEVE_USER_PROFILE_INFORMATION Read SLACK_REVERSE_A_CONVERSATION_S_ARCHIVAL_STATUS Read SLACK_SCHEDULES_A_MESSAGE_TO_A_CHANNEL_AT_A_SPECIFIED_TIME Read SLACK_SEARCH_ALL Read SLACK_SEARCH_FOR_MESSAGES_WITH_QUERY Read SLACK_SEARCH_MESSAGES Read SLACK_SENDS_A_MESSAGE_TO_A_SLACK_CHANNEL Read SLACK_SENDS_EPHEMERAL_MESSAGES_TO_CHANNEL_USERS Read SLACK_SHARE_A_ME_MESSAGE_IN_A_CHANNEL Read SLACK_SHARE_REMOTE_FILE_IN_CHANNELS Read SLACK_UNPIN_ITEM_FROM_CHANNEL Read SLACK_UPDATES_A_SLACK_MESSAGE
// FAQ
Can an AI agent delete data through the Slack MCP server? +

Yes. The Slack server exposes 16 destructive tools including SLACK_CLEAR_STATUS, SLACK_CUSTOMIZE_URL_UNFURL, SLACK_DELETE_A_COMMENT_ON_A_FILE. These permanently remove resources with no undo. Intercept blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Slack? +

The Slack server has 51 write tools including SLACK_ACTIVATE_OR_MODIFY_DO_NOT_DISTURB_DURATION, SLACK_ADD_A_CUSTOM_EMOJI_TO_A_SLACK_TEAM, SLACK_ADD_A_REMOTE_FILE_FROM_A_SERVICE. Set rate limits in your policy file -- for example, rate_limit: 10/hour prevents an agent from making more than 10 modifications per hour. Intercept enforces this at the transport layer.

How many tools does the Slack MCP server expose? +

143 tools across 4 categories: Destructive, Execute, Read, Write. 72 are read-only. 71 can modify, create, or delete data.

How do I add Intercept to my Slack setup? +

One line change. Instead of running the Slack server directly, prefix it with Intercept: intercept -c slack.yaml -- npx -y @@modelcontextprotocol/server-slack. Download a pre-built policy from policylayer.com/policies/slack and adjust the limits to match your use case.

// RELATED SERVERS

Other MCP servers with similar tools.

Starter policies available for each. Same risk classification, same one-command setup.

Mcp Api 310 tools
adminautomation
Aibtc 288 tools
adminautomation
Google Super 200 tools
adminautomation
Propresenter 177 tools
adminautomation
Leaper Vision Toolkit 169 tools
adminautomation
Apiosk 160 tools
adminautomation
Mcp Sitecore 153 tools
adminautomation
SmartBear MCP 147 tools
adminautomation
policylayer/intercept

Control every MCP tool call
your agent makes.

Set budgets, approvals, and hard limits across MCP servers.

npx -y @policylayer/intercept init
Protect your agent in 30 seconds. Scans your MCP config and generates enforcement policies for every server.
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.