Recently Slack moved from using "Validation Tokens" to validate that Slash Command requests were actually from Slack to signing the requests with a "Client Signing Secret".  This seems like a