
Slack: redact and cap interaction system events#28982

Merged. Takhoffman merged 6 commits into openclaw:main from jink-ucla:fix/slack-interaction-event-redaction on Mar 1, 2026.

Conversation

@jink-ucla (Contributor)

Summary

Describe the problem and fix in 2–5 bullets:

  • Problem: Slack interaction system events could include sensitive fields (triggerId, responseUrl, workflow trigger URL, modal metadata/hash) and could exceed practical size when large modal payloads are captured.
  • Why it matters: Sensitive event metadata should not be emitted into system-event transcripts, and oversized payloads make events noisy and less reliable for downstream processing.
  • What changed: Added sanitization/redaction for sensitive keys, string/array truncation, and bounded fallback formatting for interaction system events; both action and modal lifecycle event paths now use the sanitized formatter.
  • What did NOT change (scope boundary): No routing/session-key logic changes and no behavior changes to Slack action handling itself.

Change Type (select all)

  • Bug fix
  • Feature
  • Refactor
  • Docs
  • Security hardening
  • Chore/infra

Scope (select all touched areas)

  • Gateway / orchestration
  • Skills / tool execution
  • Auth / tokens
  • Memory / storage
  • Integrations
  • API / contracts
  • UI / DX
  • CI/CD / infra

Linked Issue/PR

  • Closes #
  • Related #

User-visible / Behavior Changes

  • Slack interaction system events now redact sensitive metadata fields.
  • Very large interaction payloads are compacted/truncated to a bounded event string.

Security Impact (required)

  • New permissions/capabilities? (No)
  • Secrets/tokens handling changed? (No)
  • New/changed network calls? (No)
  • Command/tool execution surface changed? (No)
  • Data access scope changed? (No)
  • If any Yes, explain risk + mitigation:

Repro + Verification

Environment

  • OS: Windows
  • Runtime/container: Node 22 / pnpm
  • Model/provider: N/A
  • Integration/channel (if any): Slack
  • Relevant config (redacted): N/A

Steps

  1. Run pnpm build.
  2. Run pnpm check.
  3. Run pnpm test.

Expected

  • Build, lint/format/type checks, and test suites pass.

Actual

  • All commands passed locally.

Evidence

Attach at least one:

  • Failing test/log before + passing after
  • Trace/log snippets
  • Screenshot/recording
  • Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

  • Verified scenarios: Added/updated tests asserting sensitive field redaction and bounded event size behavior for oversized interaction payloads.
  • Edge cases checked: Oversized rich-text modal input payloads are compacted, include payloadTruncated, and report omitted input counts.
  • What you did not verify: Live Slack workspace end-to-end event ingestion.

Compatibility / Migration

  • Backward compatible? (Yes)
  • Config/env changes? (No)
  • Migration needed? (No)
  • If yes, exact upgrade steps:

Failure Recovery (if this breaks)

  • How to disable/revert this change quickly: Revert this PR commit.
  • Files/config to restore: src/slack/monitor/events/interactions.ts, src/slack/monitor/events/interactions.test.ts.
  • Known bad symptoms reviewers should watch for: Missing/over-truncated Slack interaction event fields in system events.

Risks and Mitigations

List only real risks for this PR. Add/remove entries as needed. If none, write None.

  • Risk: Redaction or truncation could hide fields that are occasionally useful for debugging.
    • Mitigation: Preserve non-sensitive identifiers and include compact fallback metadata (payloadTruncated, omitted counts) to retain event utility.

@openclaw-barnacle openclaw-barnacle bot added channel: slack Channel integration: slack size: M labels Feb 27, 2026
@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5c2848b68c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment on lines +144 to +145
if (typeof value === "string") {
return truncateInteractionString(value);

P1: Preserve full interaction text in sanitized system payloads

The sanitizer now truncates every string field to 160 characters via truncateInteractionString before checking whether the event actually exceeds the 2400-character cap, so long modal inputs are always shortened even when the full payload would fit. In Slack interaction flows where users submit plain_text_input/rich text values (which can be much longer), this introduces silent data loss in the system event consumed by downstream agent logic, causing incomplete or incorrect handling of otherwise valid submissions.

@greptile-apps (Contributor) bot commented Feb 27, 2026

Greptile Summary

Adds security hardening for Slack interaction system events by redacting sensitive metadata and capping payload sizes.

  • Redacts sensitive fields: triggerId, responseUrl, workflowTriggerUrl, privateMetadata, viewHash
  • Truncates strings to 160 chars max, arrays to 64 items max
  • Implements multi-level fallback strategy: sanitized → compact → minimal, capping events at 2400 chars
  • Applies consistent sanitization to both block actions and modal lifecycle events
  • Adds payloadTruncated flag and inputsOmitted count for transparency

Confidence Score: 5/5

  • This PR is safe to merge with minimal risk
  • Security hardening change with well-tested implementation: sensitive field redaction is correctly scoped to top-level payload fields, multi-level truncation fallbacks ensure bounded event sizes, comprehensive test coverage including edge cases (oversized payloads, empty values), and no breaking changes to Slack action handling behavior
  • No files require special attention

Last reviewed commit: 5c2848b

@jink-ucla jink-ucla force-pushed the fix/slack-interaction-event-redaction branch from 5c2848b to 064acdb on February 27, 2026 18:00
@openclaw-barnacle openclaw-barnacle bot added the agents Agent runtime and tooling label Feb 27, 2026
@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 98392a614b

Comment on lines +149 to +154
.slice(0, SLACK_INTERACTION_ARRAY_MAX_ITEMS)
.map((entry) => sanitizeSlackInteractionPayloadValue(entry))
.filter((entry) => entry !== undefined);
if (value.length > SLACK_INTERACTION_ARRAY_MAX_ITEMS) {
sanitized.push(`…+${value.length - SLACK_INTERACTION_ARRAY_MAX_ITEMS} more`);
}

P2: Delay array truncation until payload exceeds size cap

sanitizeSlackInteractionPayloadValue always slices arrays to 64 items and appends a summary marker before formatSlackInteractionSystemEvent checks the 2400-character limit, so interaction data is lost even when the full event would still fit. In practice, large but valid selection sets (for example multi-select actions with >64 selected IDs) will be silently truncated in normal-sized events, which can make downstream agent decisions incomplete or incorrect.

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 069c32af9c

Comment on lines +245 to +247
const compactPayload = sanitizeSlackInteractionPayloadValue(
buildCompactSlackInteractionPayload(sanitizedPayload),
) as Record<string, unknown>;

P2: Build compact summary from original payload

When the first serialized event exceeds the 2400-char cap, the compact path is built from sanitizedPayload, but that object has already had arrays truncated to 64 entries with a synthetic …+N more marker. As a result, inputsOmitted is computed from the capped array instead of the true modal input count, so submissions with more than 65 inputs are underreported (for example, a 200-input modal is reported as only 62 omitted), which gives downstream agent logic incorrect truncation metadata.

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 23b10a953b

Comment on lines +127 to +129
const trimmed = value.trim();
if (trimmed.length <= max) {
return trimmed;

P2: Preserve whitespace when truncating interaction strings

truncateInteractionString calls .trim() on every string before size checks, so Slack modal/text inputs lose leading and trailing spaces even when the event is far below the 2400-character cap. This changes the semantic content of user submissions (for example indented snippets, fixed-width values, or intentionally padded text) and can cause downstream agent behavior to diverge from what the user actually entered; truncation should cap length without normalizing whitespace.

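The formatter the PR summary and the Greptile summary describe (redact triggerId, responseUrl, workflowTriggerUrl, privateMetadata and viewHash; 160-char strings, 64-item arrays, a 2400-char event cap with sanitized → compact → minimal fallback, plus payloadTruncated and inputsOmitted), reworked along the lines of the Codex review points above: redaction is unconditional, but string and array truncation only kick in once the full event is known not to fit, the compact summary counts inputs from the original payload so inputsOmitted is correct, and no trim() is applied. This is an added example written for this page, not the project's own src/slack/monitor/events/interactions.ts; the limits and key names are taken from the thread, while the function names, the JSON event shape and the list of identifiers kept in the compact fallback are assumptions. It also redacts recursively, which is stricter than the top-level scope the review describes.

```typescript
// Added example, not the project's code: a redacting, size-bounded formatter
// for Slack interaction system events in the shape the PR thread describes.
// Limits and key names come from the page; function names are assumed.

type Json = string | number | boolean | null | Json[] | { [key: string]: Json };
type JsonObject = { [key: string]: Json };
type Stage = "full" | "shrunk" | "compact" | "minimal";

const SLACK_INTERACTION_SENSITIVE_KEYS = new Set([
  "triggerId", "responseUrl", "workflowTriggerUrl", "privateMetadata", "viewHash",
]);
const SLACK_INTERACTION_STRING_MAX = 160;
const SLACK_INTERACTION_ARRAY_MAX_ITEMS = 64;
const SLACK_INTERACTION_EVENT_MAX_CHARS = 2400;
// Non-sensitive identifiers kept in the compact fallback (assumed names).
const SLACK_INTERACTION_KEPT_IDS = ["type", "actionId", "callbackId", "userId", "channelId"];

function isJsonObject(value: Json): value is JsonObject {
  return typeof value === "object" && value !== null && !Array.isArray(value);
}

// Stage 0: redaction. Unconditional (a tiny event can still carry a responseUrl)
// and recursive, so a secret nested under `view` is redacted as well.
function redactSensitive(value: Json): Json {
  if (Array.isArray(value)) {
    return value.map(redactSensitive);
  }
  if (!isJsonObject(value)) {
    return value;
  }
  const out: JsonObject = {};
  for (const [key, child] of Object.entries(value)) {
    out[key] = SLACK_INTERACTION_SENSITIVE_KEYS.has(key) ? "[redacted]" : redactSensitive(child);
  }
  return out;
}

// Stage 1: lossy shrink, used only once the full event is known not to fit.
// No trim(): leading and trailing whitespace is part of what the user sent.
function shrink(value: Json): Json {
  if (typeof value === "string") {
    return value.length > SLACK_INTERACTION_STRING_MAX
      ? `${value.slice(0, SLACK_INTERACTION_STRING_MAX)}…`
      : value;
  }
  if (Array.isArray(value)) {
    const kept = value.slice(0, SLACK_INTERACTION_ARRAY_MAX_ITEMS).map(shrink);
    if (value.length > SLACK_INTERACTION_ARRAY_MAX_ITEMS) {
      kept.push(`…+${value.length - SLACK_INTERACTION_ARRAY_MAX_ITEMS} more`);
    }
    return kept;
  }
  if (isJsonObject(value)) {
    const out: JsonObject = {};
    for (const [key, child] of Object.entries(value)) {
      out[key] = shrink(child);
    }
    return out;
  }
  return value;
}

// Stage 2: compact summary built from the redacted *original*, so inputsOmitted
// is the true input count rather than the length of the already-shrunk array.
function compact(original: JsonObject): JsonObject {
  const out: JsonObject = { payloadTruncated: true };
  for (const key of SLACK_INTERACTION_KEPT_IDS) {
    const id = original[key];
    if (typeof id === "string") {
      out[key] = id;
    }
  }
  if (Array.isArray(original.inputs)) {
    out.inputsOmitted = original.inputs.length;
  }
  return out;
}

// Emits the first candidate, in decreasing fidelity, that fits under the cap.
function formatSlackInteractionSystemEvent(payload: JsonObject): { event: string; stage: Stage } {
  const redacted = redactSensitive(payload) as JsonObject;
  const candidates: Array<[Stage, Json]> = [
    ["full", redacted],
    ["shrunk", shrink(redacted)],
    ["compact", shrink(compact(redacted))],
  ];
  for (const [stage, candidate] of candidates) {
    const event = JSON.stringify(candidate);
    if (event.length <= SLACK_INTERACTION_EVENT_MAX_CHARS) {
      return { event, stage };
    }
  }
  // Stage 3: minimal fallback that always fits.
  const type = typeof redacted.type === "string" ? redacted.type : "unknown";
  return { event: JSON.stringify({ type, payloadTruncated: true }), stage: "minimal" };
}
```

The ordering is the point: redaction happens before any size decision, because the secrets the PR names (trigger IDs, response URLs, view hashes) must never reach the transcript regardless of payload size, whereas truncation is purely a size control and only costs fidelity, so it is deferred until the serialized event actually exceeds the cap. A 200-input modal therefore lands in the compact stage with inputsOmitted equal to 200, and a 500-character text input in an otherwise small event is kept whole.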

@jink-ucla jink-ucla force-pushed the fix/slack-interaction-event-redaction branch from 23b10a9 to 8651341 on February 27, 2026 23:08
@openclaw-barnacle openclaw-barnacle bot removed the agents Agent runtime and tooling label Feb 27, 2026
@jink-ucla (Contributor, Author)

@codex review

@chatgpt-codex-connector

Codex Review: Didn't find any major issues. What shall we delve into next?

@jink-ucla (Contributor, Author)

Ready to merge. @Takhoffman @Lukavyi could any of you merge this when you have a moment?

@jink-ucla (Contributor, Author)

@vincentkoc @Takhoffman Bumping this as well. I've addressed the Codex feedback regarding truncation/whitespace to ensure no data loss for downstream agents. It’s fully verified and green—ready to land when you have a moment.

@Takhoffman Takhoffman merged commit 746688d into openclaw:main Mar 1, 2026
26 checks passed
@Takhoffman (Contributor)

Merged after clean-room revalidation from PR head.

Verification run on commit 98521b1:

  • pnpm install --frozen-lockfile
  • pnpm build
  • pnpm check
  • pnpm test:macmini

Result: all gates passed before merge.
Merged commit: 746688d

zooqueen added a commit to hanzoai/bot that referenced this pull request Mar 1, 2026
ansh pushed a commit to vibecode/openclaw that referenced this pull request Mar 2, 2026
steipete pushed a commit to Sid-Qin/openclaw that referenced this pull request Mar 2, 2026
safzanpirani pushed a commit to safzanpirani/clawdbot that referenced this pull request Mar 2, 2026
steipete pushed a commit to Sid-Qin/openclaw that referenced this pull request Mar 2, 2026
amitmiran137 pushed a commit to amitmiran137/openclaw that referenced this pull request Mar 2, 2026
robertchang-ga pushed a commit to robertchang-ga/openclaw that referenced this pull request Mar 2, 2026
hanqizheng pushed a commit to hanqizheng/openclaw that referenced this pull request Mar 2, 2026
execute008 pushed a commit to execute008/openclaw that referenced this pull request Mar 2, 2026
dorgonman pushed a commit to kanohorizonia/openclaw that referenced this pull request Mar 3, 2026
sachinkundu pushed a commit to sachinkundu/openclaw that referenced this pull request Mar 6, 2026
zooqueen pushed a commit to hanzoai/bot that referenced this pull request Mar 6, 2026
zooqueen added a commit to hanzoai/bot that referenced this pull request Mar 6, 2026