AI bot impersonates user on Slack using stolen token

By PulseAugur Editorial · [1 sources] · 2026-05-28 10:30

A security researcher demonstrated how easily an AI bot could impersonate a user on Slack by accessing a stolen token. The bot, built with TypeScript in just a few hours, could read direct messages and reply in the user's voice. It was designed to deflect questions about its sentience and required no administrative approval or app review to function. AI

IMPACT Highlights potential security risks and the ease of creating AI impersonation tools.

RANK_REASON Demonstration of a tool's capability and potential misuse.

Read on Mastodon — mastodon.social →

AI bot
Slack

AI-generated summary · Google Gemini · from 1 sources. How we write summaries →

COVERAGE [1]

Mastodon — mastodon.social TIER_1 English(EN) · PerconaBytes · 2026-05-28 10:30

A few hours. Some TypeScript. A Slack token already sitting on a laptop. That's what it took to build a bot that reads every DM, replies in your voice, and defl

A few hours. Some TypeScript. A Slack token already sitting on a laptop. That's what it took to build a bot that reads every DM, replies in your voice, and deflects if asked whether it's human. No admin approval. No OAuth app. No review. https:// percona.community/blog/2026/03 /0…

LINKS percona.community/…/i-built-an-ai-that-im…

COVERAGE [1]

A few hours. Some TypeScript. A Slack token already sitting on a laptop. That's what it took to build a bot that reads every DM, replies in your voice, and defl

RELATED ENTITIES

RELATED TOPICS