fix(slack-publish): gracefully handle missing SLACK_BOT_TOKEN with setup guidance#23
Merged
Merged
Conversation
…tup guidance When the bot token is not configured, the publish skill now detects this early and shows step-by-step setup instructions instead of a bare error. Adds main() integration tests covering missing-token, missing-file, and dry-run paths. Closes #18 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…d, and load_slack_token edge cases Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… agent Move verify_slackbot_token.py to plugin root scripts/, create agent-token-checker agent, and update publish skill to invoke the agent instead of an inline bash snippet. Adds dedicated test file for verify_slackbot_token (10 tests). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #18
Summary
publishskill: before attempting any Slack API calls, the skill now delegates to a newagent-token-checkeragent that checks forSLACK_BOT_TOKENin the environment and.env/.env.localfiles, then surfaces a step-by-step setup guide if the token is absent.scripts/verify_slackbot_token.py) at the plugin root and a lightweight Haiku-powered agent (agent-token-checker), separating concerns from the main publish script.main(), edge cases forresolve_channel_idandload_slack_token, and a dedicated suite for the new token-checker script.Components
slack-publish:agent-token-checkerscripts/verify_slackbot_token.pyand reports whetherSLACK_BOT_TOKENis available; used as a pre-flight gate in the publish skill.slack-publish:publishagent-token-checkeras step 1 and halt with actionable setup instructions when the token is missing.Security
agent-token-checkerusesallowed-tools: [Bash]— scope is broader than the single script invocation it performs. Low risk given the fixed instruction, but worth noting.$ARGUMENTSprompt interpolation — file path and channel are passed as discrete quoted shell words (preventing shell injection), but the prompt-level substitution is unguarded. Pre-existing condition.xoxb-test— non-functional synthetic token; considerxoxb-FAKE-testif secret scanners use broadxoxb-patterns.Test plan
/slack-publish:publish notes.md #generalwith no token set → agent reports "Token missing.", skill halts with full setup guidance/slack-publish:publish notes.md #generalwith token in.env→ agent reports "Token found.", skill proceeds/slack-publish:publish notes.md #generalwithSLACK_BOT_TOKENin shell env → proceeds normallypython3 scripts/verify_slackbot_token.pywith token set → exits 0; without → exits 1python3 -m pytest tests/→ 75 tests pass🤖 Generated with Claude Code