Slack bot token leakage exposing business critical information

Found on Detectify on Thursday, 28 April 2016

The problem is that many developers include Slack tokens, which are credentials tied to their personal Slack account, directly in the code when building Slack bots, and then share these projects publicly on GitHub. Because the code contains these tokens, the developer is giving anyone who finds a token access to their company's internal chats and files on Slack.
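A pre-commit style check for the leak described above, as an added example that is not from the original page: it scans source text for strings shaped like Slack tokens and reports them in redacted form. The tail pattern after the `xox` prefix, the function names and the sample bot script are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# Slack tokens start with "xox" plus a type letter (b = bot, p = user, ...).
# The tail length and character set here are assumptions chosen to cut noise.
SLACK_TOKEN_RE = re.compile(r"\bxox[abprs]-[0-9A-Za-z-]{10,}")

def redact(token):
    """Keep the type prefix and last 4 chars so a finding can be logged safely."""
    return token[:5] + "*" * (len(token) - 9) + token[-4:]

def scan_text(text, name="<input>"):
    """Return (name, line_number, redacted_token) for every token-like string."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in SLACK_TOKEN_RE.finditer(line):
            findings.append((name, lineno, redact(match.group(0))))
    return findings

def scan_tree(root):
    """Scan every readable file under root, skipping the .git directory."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or ".git" in path.parts:
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="ignore")
        except OSError:
            continue
        findings.extend(scan_text(text, str(path)))
    return findings

# Constructed sample: a bot script with a hard-coded (fake) token, next to the
# safer form that reads the token from the environment at run time.
FAKE_TOKEN = "xoxb-" + "1" * 12 + "-" + "A" * 24
SAMPLE_BOT = f'''import os
SLACK_TOKEN = "{FAKE_TOKEN}"           # hard-coded: ends up in the repo
SLACK_TOKEN = os.environ["SLACK_TOKEN"]  # injected at run time: nothing to leak
'''

if __name__ == "__main__":
    import sys
    results = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_text(SAMPLE_BOT, "bot.py")
    for name, lineno, token in results:
        print(f"{name}:{lineno}: possible Slack token {token}")
    sys.exit(1 if results else 0)  # non-zero exit lets a commit hook block the commit
```

A token that has already been pushed should be revoked and reissued, since removing it in a later commit leaves it in the repository history.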

People check anything and everything into GitHub. Private SSH keys are there, password lists, and lots of other interesting information.