clickup-debug-bundle
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Executes Bash commands including curl, tar, grep, and sed to interact with ClickUp APIs and package diagnostic data. This includes using inline Python to format JSON output for readability and gathering system metadata like the hostname and Node.js version.
- [EXTERNAL_DOWNLOADS]: Communicates with api.clickup.com and status.clickup.com. These are the official service endpoints required for the skill's diagnostic functionality.
- [DATA_EXFILTRATION]: While the skill creates a diagnostic bundle for troubleshooting, it redacts email addresses from the output and does not log the ClickUp API token itself, only reporting the token's presence and length.
Audit Metadata