todoist-due-drafts

SUSPICIOUS: the overall workflow is coherent with the stated purpose, but its footprint is high-risk. It aggregates sensitive email and meeting data, forwards credentials to multiple CLIs, includes at least one likely non-official Todoist tool with unclear provenance, and mandates verbose logging that may leak secrets. This looks more like an overprivileged automation skill than confirmed malware, but it should be treated as high-risk and reviewed before use.