clickup
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing the `clickup` command-line utility to interact with the ClickUp API for reading and modifying resources.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@discountry/clickup-cli` package from NPM or GitHub. This resource is provided by the skill author.
- [PROMPT_INJECTION]: The skill handles data from external sources (ClickUp tasks and docs), creating a potential surface for indirect prompt injection.
  - Ingestion points: External content is retrieved using `clickup get`, `clickup comments`, `clickup doc`, and `clickup page` commands as defined in `SKILL.md`.
  - Boundary markers: There are no explicit markers or instructions provided to the agent to distinguish fetched data from system instructions.
  - Capability inventory: The skill allows broad modifications including task creation, status updates, and document editing.
  - Sanitization: No content filtering or sanitization of the data fetched from ClickUp is specified.
Audit Metadata