Conversation
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit 5b77767.
# When the user's identity is linked, verify they belong to this
# org. If not linked the downstream task will prompt to link.
if identity_user and not organization.has_access(identity_user):
    continue
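Review bot: the guard `if identity_user and not organization.has_access(identity_user)` performs no check at all whenever `identity_user` is falsy, so any request for which no identity resolves is handed the first matching org; the comment above it should say explicitly that unlinked users fall through, and the caller should confirm that the identity lookup actually yields a user for every event type that reaches this loop, or else fail closed instead of relying on the `continue` that only fires on the negative case.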
Identity check bypassed for assistant_thread_started events
Low Severity
The org membership check in _resolve_seer_organization relies on slack_request.get_identity_user(), which resolves the user via slack_request.user_id. For assistant_thread_started events, the user ID lives at event.assistant_thread.user_id, but SlackEventRequest.user_id reads from event.user, returning "". This means identity_user is always None for these events, causing the if identity_user and not organization.has_access(identity_user) check to be silently skipped. The first org with Seer access is selected without verifying user membership — the exact security gap the PR discussion identified and intended to close. Impact is limited today since the handler only sends generic prompts, but it undermines the access control model.
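As an added illustration of the gap the comment above describes, the following is a stripped-down model of the event request and org-resolution loop. It is not code from the PR or from the project: the class and function names (`NaiveEventRequest`, `FixedEventRequest`, `resolve_seer_organization`, `Organization.has_access`) only mirror the names quoted on the page, the `require_linked` fail-closed option is a hypothetical addition, and the Slack event payloads, identity table and organizations are constructed samples. It shows how `user_id` read from `event.user` becomes `""` for an `assistant_thread_started` event, how that makes the membership guard a no-op so the first Seer-enabled org is chosen, and how reading `assistant_thread.user_id` for that event type restores the check.

```python
"""Toy model of Slack event -> organization resolution.

Constructed for illustration only: names mirror those quoted in the review
comment but this is not the project's code, and all payloads are hand-written.
"""

from dataclasses import dataclass

# Constructed sample events. The shapes follow Slack's Events API: app_mention
# carries the sender in `user`, while assistant_thread_started nests it under
# `assistant_thread.user_id`.
APP_MENTION_EVENT = {"type": "app_mention", "user": "U_ALICE", "text": "<@BOT> hi"}
ASSISTANT_THREAD_EVENT = {
    "type": "assistant_thread_started",
    "assistant_thread": {"user_id": "U_ALICE", "channel_id": "D_ALICE"},
}

# Constructed identity-link table: Slack user id -> linked application user.
IDENTITIES = {"U_ALICE": "alice"}


@dataclass
class Organization:
    slug: str
    members: frozenset
    seer_enabled: bool

    def has_access(self, user) -> bool:
        return user in self.members


# Two orgs share one Slack workspace; only globex actually contains alice.
ORGS = [
    Organization("acme", frozenset({"bob"}), seer_enabled=True),
    Organization("globex", frozenset({"alice"}), seer_enabled=True),
]


class NaiveEventRequest:
    """Reproduces the behaviour described in the comment: user_id is read
    from event.user only, so it is "" for assistant_thread_started events."""

    def __init__(self, event: dict, identities: dict):
        self.event = event
        self.identities = identities

    @property
    def user_id(self) -> str:
        return self.event.get("user", "")

    def get_identity_user(self):
        # An empty user id never matches a linked identity -> None.
        return self.identities.get(self.user_id)


class FixedEventRequest(NaiveEventRequest):
    """Hypothetical fix: read the sender from where this event type keeps it."""

    @property
    def user_id(self) -> str:
        if self.event.get("type") == "assistant_thread_started":
            return self.event.get("assistant_thread", {}).get("user_id", "")
        return self.event.get("user", "")


def resolve_seer_organization(request, orgs, require_linked=False):
    """Return the first Seer-enabled org the requester may use.

    Mirrors the guard quoted in the review: the membership check only runs
    when an identity is linked. `require_linked` is a hypothetical fail-closed
    mode that refuses to guess an org when no identity could be resolved.
    """
    identity_user = request.get_identity_user()
    if require_linked and identity_user is None:
        return None
    for organization in orgs:
        if not organization.seer_enabled:
            continue
        # With identity_user None this guard is skipped entirely.
        if identity_user and not organization.has_access(identity_user):
            continue
        return organization
    return None


def resolved_slug(request_cls, event, require_linked=False):
    """Helper for the demo: resolve with the given request class and return the slug."""
    org = resolve_seer_organization(request_cls(event, IDENTITIES), ORGS, require_linked)
    return None if org is None else org.slug


if __name__ == "__main__":
    for cls in (NaiveEventRequest, FixedEventRequest):
        print(cls.__name__,
              "app_mention ->", resolved_slug(cls, APP_MENTION_EVENT),
              "| assistant_thread_started ->", resolved_slug(cls, ASSISTANT_THREAD_EVENT))
```

With the naive request both event types resolve a user for `app_mention`, but the assistant-thread event yields an empty `user_id`, no identity, and therefore `acme`, an org alice is not a member of; the fixed request resolves `globex` for both, and the fail-closed mode returns nothing rather than guessing.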
Add the assistant:write scope to the Slack integration to enable the bot to act as a Slack Agent, supporting DM-based agent interfaces. Refs ISWF-2388 Co-Authored-By: Claude Opus 4.6 <noreply@example.com>
Extract shared org-resolution logic into _resolve_seer_organization helper and merge on_app_mention/on_dm into a single _handle_seer_mention method. Replace three identical halt reason enums with unified SeerSlackHaltReason. Extract duplicated loading messages list into a module-level constant. Refs ISWF-2388 Co-Authored-By: Claude Opus 4.6 <noreply@example.com>
…nges Update tests to match the refactored _resolve_seer_organization which now iterates org integrations and uses SlackExplorerEntrypoint.has_access instead of checking a single feature flag. Align halt reasons with the consolidated enum values (NO_VALID_INTEGRATION, NO_VALID_ORGANIZATION) and update the has_access test for the seer-slack-explorer flag rename. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Address PR review feedback:
- Change SLACK_PROVIDERS from set to list to match the RPC method's expected `list[str]` parameter type, preventing serialization errors
- Check org status before calling get_installation to avoid unnecessary queries for inactive orgs
- Verify the requesting Slack user belongs to the resolved org when their identity is linked, preventing cross-org data access when multiple orgs share a Slack workspace
- Fix inaccurate comments about DM fallback behavior
Refs ISWF-2388
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
5b77767 to 6f4a9d9


This allows DMs to the bot to trigger Seer and gives a richer experience for starting conversations by suggesting prompts. To support this locally, you need to do a few things
- assistant:write OAuth scope
- assistant_thread_started
Refs ISWF-2388