Security audit

Google Tasks

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed Google Tasks connector for AgentPMT, with expected task read/write/delete abilities and no hidden local code or persistence.

Install only if you want an agent to manage your Google Tasks through AgentPMT. Before deletion or cleanup, ask the agent to list the target task or task list first and require explicit confirmation, especially for clear_completed or delete_tasklist.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill advertises broad activation keywords including generic terms like "tasks" and "tasklist id," which can cause over-selection of this skill in contexts that are not specifically requesting Google Tasks. In an agent setting, that raises the chance of unintended remote calls against a user's task data, including reads, writes, and deletions, when a more specific or safer skill should have been chosen.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill documents destructive operations like deleting task lists and deleting tasks without an explicit warning that these actions may be irreversible or user-impacting. In an autonomous agent workflow, that omission can normalize unsafe execution and increase the risk of accidental data loss from routine or ambiguous prompts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.