4todo
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats were identified during the analysis of this skill.
- [CREDENTIALS_UNSAFE]: The skill correctly implements secure credential management by instructing the agent and user to use the
FOURTODO_API_TOKENenvironment variable. It specifically warns against pasting tokens into chat logs or source files. - [DATA_EXFILTRATION]: Network activity is confined to the official 4todo API endpoint (
https://4to.do/api/v0) using HTTPS. No attempts to exfiltrate sensitive local data or communicate with unauthorized domains were found. - [COMMAND_EXECUTION]: The skill uses
curlfor legitimate API interactions as described in its goal. The commands are well-defined and limited to the scope of task management. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data (task names and workspace names) from the 4todo API, representing a standard injection surface for productivity tools. However, the risk is negligible as the skill does not expose high-privilege capabilities. Ingestion points: API responses from
GET /workspacesandGET /todos(defined inSKILL.mdandreferences/api_v0.md). Boundary markers: None specified. Capability inventory: REST API requests viacurl. Sanitization: Relies on the agent's standard handling of JSON interpolation.
Audit Metadata