The Mac Admins Slack is a community workspace with tens of thousands of members — IT professionals managing Apple devices at scale, sharing knowledge and solving problems together. As part of the Mac Admins Foundation board, I’ve spent the past few months building tools to help administer it.

Community workspaces have different needs than corporate ones. Slack’s native tooling assumes a corporate context, and the features that might help — Enterprise Grid, advanced compliance tools — come with enterprise pricing. We’re a nonprofit. We’d rather spend our money on scholarships, education, and speaker grants than on APIs and tooling. And so, we build what we need.

These tools address specific pain points that were consuming admin time and creating friction for members. All three are open source, run on minimal infrastructure, and are available for other community Slack admins facing similar challenges.

Slack Cleaner: Self-Service Message Deletion 1

In our Slack instance, regular users can’t delete their own messages after a five-minute window, only workspace admins can. Even deleted messages in this window still show up, with a strikethrough. We don’t enable self-deletion by default because we’ve seen it abused: someone posts something inflammatory, deletes it, and claims it never happened. But people do have legitimate reasons to remove messages; typos, accidental pastes, wrong channel, and handling these requests manually doesn’t scale.

Slack Cleaner enables self-service deletion with trust built in. Members right-click a message and select “Delete my message.” The request appears in a private admin channel with full context: who’s asking, which channel, a preview of the message. An admin reacts with a checkmark to approve or an X to deny. The message is deleted, the member is notified, and everything is logged.

The audit trail is the point here. We can say yes to deletion requests because we have a record of what was deleted and why. Automation and accountability aren’t in tension any more, they reinforce each other.

Technically, it’s deliberately simple: a Python process using Socket Mode (no public endpoints, no SSL configuration), emoji reactions for the approval workflow, SQLite for the audit log. It runs on about 50MB of RAM. Not nothing, but hardly demanding.

Slack Ploughshare: Channel Lifecycle Management 2

The second problem is channel sprawl. In an active community, channels accumulate. Project channels outlive their projectsm discussion channels go quiet. After a few years, you have hundreds of channels where nobody’s posted in over a year, and community feedback tells you the workspace has become difficult to navigate.

Slack offers no native tooling for this, but will gladly build it for you, if you have incredibly deep pockets.

Slack Ploughshare handles channel lifecycle with a structured, cautious approach. It analyses all public channels and categorises them by activity: active, dormant (12+ months inactive), very old (18+ months), or never used. It sends configurable warning messages to inactive channels, giving members 30 days to save a channel by reacting to the warning. After the grace period, unclaimed channels can be archived.

The workflow is designed to avoid accidents. Automated runs are read-only — they analyse and report but never execute destructive actions without explicit human approval. State is tracked in git for a full audit trail.

Slack Shepherd: Security Investigations 3

The third tool addresses a less frequent but more serious need: investigating suspicious behaviour. Community workspaces sometimes attract bad actors — astroturfing, troll accounts, coordinated abuse. When admins have concerns, they need to be able to investigate.

Slack Shepherd compares IP access patterns between Slack users to identify shared accounts or suspicious overlap. You provide two user IDs; it fetches access logs, performs geolocation lookups, and generates a detailed report.

The interesting design choice is using GitHub Issues as the interface. An admin creates an issue with the two user IDs, labels it, and the investigation runs via GitHub Actions. Results are posted as a comment. This approach piggybacks on GitHub’s authentication, and only org members can create issues, and it provides a visible audit trail of who requested what investigation, and when. No separate auth system to build, clear accountability, full transparency.

The Common Thread

All three tools share a philosophy: enable self-service and automation while maintaining transparency and accountability. GitHub Actions and issue-based workflows provide audit trails without requiring custom infrastructure. Simple deployment (Socket Mode, SQLite, cron jobs) keeps operational overhead low.

They’re built for the Mac Admins Slack, but they’re public because other community workspaces face similar problems. If you’re running a large Slack community and these are useful, take them. If you improve them, contributions are welcome.

  1. slack-cleaner — Self-service message deletion with admin approval ↩︎

  2. slack-ploughshare — Channel lifecycle analysis and management ↩︎

  3. slack-shepherd — IP-based security investigations ↩︎