🦋 Changeset detected

Latest commit: 7230aed

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
agents-api	Ready	Preview, Comment	Apr 7, 2026 8:18pm
agents-docs	Ready	Preview, Comment	Apr 7, 2026 8:18pm
agents-manage-ui	Ready	Preview, Comment	Apr 7, 2026 8:18pm

TL;DR — Removes the users:read and users:read.email user scopes from the Slack app manifest, leaving the user scopes array empty. These scopes were unused and unnecessarily broadened the OAuth permission surface.

Key changes

• Clear unused user scopes from Slack app manifest — Empties the user scopes array in slack-app-manifest.json, removing users:read and users:read.email which were not consumed by any work-app code path.

_{Summary ｜ 2 files ｜ 1 commit ｜ base: main ← fix/remove-slack-user-scopes}

Before: The Slack app manifest requested users:read and users:read.email user scopes during OAuth.
After: The user scopes array is empty — only bot scopes are requested.

Requesting fewer OAuth scopes reduces the trust burden on installing workspace admins and aligns the manifest with actual usage (only bot scopes are exercised at runtime).

slack-app-manifest.json

  ^{｜ View workflow run ｜ Triggered by Pullfrog ｜ Using Claude Opus ｜ 𝕏}

TL;DR — Removes the users:read and users:read.email user scopes from the Slack app manifest, leaving the user scope array empty. These scopes were unused and unnecessary for the Slack Work App's bot-driven functionality.

Key changes

• Clear unused user scopes from slack-app-manifest.json — Empties the user scopes array, removing users:read and users:read.email that were never exercised by the app.

_{Summary ｜ 2 files ｜ 2 commits ｜ base: main ← fix/remove-slack-user-scopes}

Before: The Slack manifest requested users:read and users:read.email user scopes during OAuth.
After: The user scopes array is empty — no user-token scopes are requested.

User scopes grant permissions on behalf of the installing user rather than the bot. Since the Slack Work App operates entirely through bot-token scopes, these user scopes added unnecessary permission surface without being used.

slack-app-manifest.json · .changeset/firm-tan-rat.md

  ^{｜ View workflow run ｜ Triggered by Pullfrog ｜ Using Claude Opus ｜ 𝕏}

Preview URLs

Use these stable preview aliases for testing this PR:

• UI: https://pr-3052-ui.preview.inkeep.com
• API: https://pr-3052-api.preview.inkeep.com
• API health: https://pr-3052-api.preview.inkeep.com/health

These point to the same Vercel preview deployment as the bot comment, but they stay stable and easier to find.

This pull request has been automatically marked as stale because it has not had recent activity.
It will be closed in 7 days if no further activity occurs.

If this PR is still relevant:

• Rebase it on the latest main branch
• Add a comment explaining its current status
• Request a review if it's ready

Thank you for your contributions!

This pull request has been automatically closed due to inactivity.

If you'd like to continue working on this, please:

1. Create a new branch from the latest main
2. Cherry-pick your commits or rebase your changes
3. Open a new pull request

Thank you for your understanding!