Skills
skills/discountry/ritmex-skills/clickup/Gen Agent Trust Hub

clickup

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of the clickup CLI tool to perform operations such as reading tasks, creating comments, and managing documentation. All commands are based on standard ClickUp API interactions.
  • [EXTERNAL_DOWNLOADS]: The README provides instructions to install the @discountry/clickup-cli package from npm and add the skill from the author's GitHub repository. These resources are owned by the verified author of the skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external sources including task comments, descriptions, and document content.
  • Ingestion points: Commands like clickup get, clickup comments, clickup doc, and clickup page read content from the ClickUp platform into the agent's context.
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions when processing remote data.
  • Capability inventory: The skill possesses write capabilities including clickup comment, clickup edit-page, and clickup status, which could be abused if an injection is successful.
  • Sanitization: There is no evidence of content validation or escaping before interpolation into the agent's workspace.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 10:37 PM