todoist

SUSPICIOUS. The skill’s purpose matches task-management capabilities, but its trust model is incomplete: it requires an external CLI and a separate secrets helper, lacks install details, and uses a binary name that does not cleanly match the official Doist documentation. This is not strong evidence of malware or overt exfiltration, but it is medium risk due to ambiguous execution provenance and credential forwarding to external tooling.