ClickUp Automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No evidence of malicious behavior, credential exfiltration, or unauthorized network access was found. All components align with the stated purpose of ClickUp automation.
- [NO_CODE]: The skill consists entirely of configuration metadata and markdown documentation without any bundled scripts or binaries.
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. Ingestion points: External data from Slack messages and GitHub PR details (SKILL.md). Boundary markers: None identified in templates. Capability inventory: Tool access to ClickUp API for task and workspace management (SKILL.md). Sanitization: No explicit validation logic is defined for external data sources.
Audit Metadata