Skills
skills/sickn33/antigravity-awesome-skills/clickup-automation/Gen Agent Trust Hub

clickup-automation

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external Model Context Protocol (MCP) server endpoint (https://rube.app/mcp) to provide ClickUp integration tools.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting untrusted data from the ClickUp API.
  • Ingestion points: The agent retrieves task names, descriptions, and comments through tools like CLICKUP_GET_TASK and CLICKUP_GET_TASK_COMMENTS (SKILL.md).
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content embedded in the retrieved ClickUp data (SKILL.md).
  • Capability inventory: The skill enables significant actions such as task creation (CLICKUP_CREATE_TASK), modification (CLICKUP_UPDATE_TASK), and deletion (CLICKUP_DELETE_TASK) (SKILL.md).
  • Sanitization: No sanitization or validation of the retrieved external content is described before it enters the agent's context (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 08:23 PM