todoist-cli
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner]: Natural language instruction to download and install from URL detected

All findings:
[CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

The code fragment is a coherent, non-malicious description of a Todoist CLI tool with standard command patterns and a JSON output option. No credentials or secret handling is shown; the authentication approach is not specified and should be reviewed in the full implementation. The data flow (user input -> CLI -> Todoist API -> CLI output) is consistent with the stated purpose. Potential security considerations include secure handling of API tokens and careful management of sensitive task data in logs or JSON outputs.

LLM verification: No direct malicious code is present in the SKILL.md itself. However, the skill instructs users to install and execute a third-party binary using unpinned/unverified installation commands (Homebrew tap, go install @latest). That pattern increases supply-chain risk: if the upstream repository or published binary were compromised, the installed CLI could exfiltrate Todoist data or credentials. The documentation also omits details about how authentication tokens are obtained and stored, which is a s