While this application has been built with information security in mind,

• Does not request any Slack user tokens (xoxp-...) and runs purely on bot tokens (xoxb-...)
• Bot token scopes include permissive access to public channels only. Reading of any other type of channel is not possible without modificaiton of the setup instructions.
• Care has been taken to request the minimum amount of scopes possible.
• Messages are not stored in any database and are analyzed in-memory only.

• Store environment variables in a deploy-specific secure vault
• Encrypt xoxb tokens in the database