todoist-api
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends downloading the official 'todoist-api-python' SDK and 'requests' library from PyPI.
- [COMMAND_EXECUTION]: Documentation includes instructions for executing shell commands to set environment variables and test the API using 'curl'.
- [PROMPT_INJECTION]: The skill processes untrusted task and project data, creating a potential surface for indirect prompt injection. Ingestion points: Data retrieved from the Todoist API. Boundary markers: No delimiters or ignore instructions are provided in the setup. Capability inventory: Ability to create/modify tasks and execute shell tools. Sanitization: No content validation is described in the provided instructions.
Audit Metadata