CSTAR for Teams

Not every website out there is particularly safe. UpGuard's CSTAR Cloudscanner continually monitors over a million websites for dozens of risk factors, and gives each site a score from 0 to 950, a bit like a credit score for risk.

CSTAR for Teams patiently listens for URLs posted in Slack and provides gentle CSTAR notifications in-line (configurable as emoji reactions or text replies), giving team members a heads-up about harmful sites prior to clicking the link.

CSTAR for Teams
Add to Slack

Once installed, invite CSTAR to channels in which links are often posted (#general and #random may be a good start), and carry on using Slack normally.

What is CSTAR?

Glad you asked—it's a way to score the risk level of third-party websites as well as internal systems. Read more.

Configuration Options

You may say the following commands somewhere CSTAR can hear them (channels or privately):

  • cstar mode [standard/channel/thread/symbols/fruit] - Change the CSTAR notification mode.
    • "Standard" is a good blend of text replies and emoji reactions—a green apple emoji reaction assures users a link is scoring well, while a text notification with an option for more details appears when a site is poor.
    • "Channel" gives all text replies, all the time.
    • "Thread" does text replies too, but posts them as a threaded reply.
    • "Symbols" and "Fruit" are emoji reaction-only modes that will provide a red/yellow/green indicator of a site's score. ("Fruit," as you might've guessed, uses fruit emoji.)
  • cstar ignore [domain] - Links to well-scoring sites which get posted commonly—perhaps social networking sites or cloud file storage domains—can be optionally added to an ignore list and effectively muted. (But if their CSTAR score has dropped to an unacceptable level, we'll notify you anyway because that's what friends are for.)
  • cstar ignore list - Replies with the current ignore list.
  • cstar unignore [domain] - Unignore a domain.
  • /invite @cstar [channel] - This is a standard Slack command, but it's how CSTAR gets around to new channels. CSTAR isn't rude and won't join any channel you don't invite it to.
  • /kick @cstar - Another standard Slack command, and maybe the saddest one.

Configuration settings are team-wide and can be changed by any team member.

Report bugs or send comments and suggestions to

Version History

Version 1.0 (August 2017)

  • Initial launch, hello.

Privacy Policy and Notices

CSTAR for Teams only listens for the bare minimum necessary to do its job—the domains of URLs which need to be scanned and configuration commands you issue to it—everything else is ignored. No chat history or individual user data is kept, transferred to anyone else, or used by UpGuard in any manner. Basic usage statistics (very generalized values such as the number of times CSTAR has been used) are collected and used only for future feature/scale planning, as well as troubleshooting.

While CSTAR has been shown to be a leading indicator of whether or not a website or organization is safe, we make no guarantees as to the security of your organization through use of this app. CSTAR for Teams does not censor or edit out potentially harmful links. Nothing is a replacement for educating your team about best practices regarding online security.


It's free.

UpGuard Terms of Use

If you like reading legalese, have a look at the UpGuard Terms of Use.

Add to Slack