clickup
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists solely of documentation and code snippets, without any bundled executable scripts or binary files.
- [SAFE]: The skill follows security best practices by recommending the use of environment variables for storing and accessing ClickUp API tokens.
- [SAFE]: Network operations are directed exclusively to the official and well-known api.clickup.com domain.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface typical for API integrations.
  1. Ingestion points: ClickUp API responses containing task data as seen in SKILL.md.
  2. Boundary markers: None specified in the code snippets.
  3. Capability inventory: Outbound network requests via the requests library.
  4. Sanitization: No explicit sanitization or validation of API-returned content is demonstrated in the examples.
Audit Metadata