todoist-api

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Tags: EXTERNAL_DOWNLOADS (SAFE)

Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references the official 'todoist-api-python' package and legitimate developer documentation from Todoist. These sources are considered trustworthy and standard for this integration.
  • [CREDENTIALS_SAFE] (SAFE): The provided examples correctly demonstrate using environment variables (TODOIST_API_KEY) and placeholders, avoiding the risk of hardcoded secrets.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill facilitates the ingestion of external data (task content, project names) from the Todoist API. While the provided examples only display this data via print statements, there is an inherent surface for indirect prompt injection if this untrusted content is later interpolated into an LLM's prompt without sanitization.
    ◦ Ingestion points: api.get_tasks(), api.add_task() responses (README.md).
    ◦ Boundary markers: None present in the documentation examples.
    ◦ Capability inventory: Displaying content via stdout (README.md).
    ◦ Sanitization: No explicit sanitization or filtering of task strings is demonstrated.
  • [MALICIOUS_URL_ALERT] (SAFE): The automated scan flagged 'label.name' as a malicious URL. However, this string does not appear as a functional link or executable code within the analyzed README.md file and appears to be a false positive or related to the mentioned but unprovided 'SKILL.md'.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 06:13 PM