Command	Description
`/lockzero status`	Block Kit cards showing each provider's health (🟢/🟡/🔴), field count, and last rotation
`/lockzero list`	Compact list of all providers with field counts
`/lockzero rotate <namespace>`	Confirmation dialog; on confirm, posts to LockZero rotation endpoint
`/lockzero get <namespace[.FIELD]>`	Returns secret value as ephemeral message (only visible to you)

Security

/lockzero get always uses response_type: "ephemeral" — secrets are never posted to a channel
Rotation requires a Slack confirm dialog ("Are you sure?") before executing
All errors are also returned ephemerally to avoid leaking context in channels

Setup

1. Install from the app manifest

In Slack: Tools & settings → Your apps → Create an App → From a manifest. Paste manifest.json and update the request_url to your deployed host.

2. Environment variables

Variable	Required	Description
`SLACK_BOT_TOKEN`	Yes	`xoxb-...` token from OAuth & Permissions
`SLACK_SIGNING_SECRET`	Yes	From Basic Information
`LOCKZERO_API_KEY`	Yes	From https://app.lockzero.io/settings/api-keys
`LOCKZERO_BASE_URL`	No	Defaults to `https://api.lockzero.io`
`SLACK_APP_TOKEN`	No	`xapp-...` for Socket Mode (optional)
`PORT`	No	HTTP port, defaults to `3000`

3. Run

npm install
npm run build
npm start

4. Point Slack to your server

In your Slack app settings set the following URLs to https://<your-host>/slack/events:

Interactivity & Shortcuts → Request URL
Slash Commands → /lockzero → Request URL

FAQs

What is @lockzero/slack-app?

Is @lockzero/slack-app well maintained?

Package last updated on 10 May 2026

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

@lockzero/slack-app