todoist-cli

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing a CLI tool hosted on the author's GitHub repository (github.com/buddyh/todoist-cli) via Homebrew or Go.
  • [COMMAND_EXECUTION]: The skill relies on shell execution of the todoist binary to perform task, project, and comment operations.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content (task names, descriptions, and comments) from the external Todoist API.
      • Ingestion points: External data enters the context via task listing and viewing commands (todoist tasks, todoist view, todoist comment) in SKILL.md.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat retrieved content as untrusted data.
      • Capability inventory: The skill possesses impactful capabilities including task creation, modification, and deletion (todoist add, todoist update, todoist delete).
      • Sanitization: No sanitization or validation logic is specified for the data retrieved from the remote service.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 02:26 AM