Todoist Manager

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill's Todoist purpose is coherent, but the skill asks you to use a Todoist API token with a CLI executable that is referenced but was not included for review.

Before installing, confirm where the todoist CLI executable comes from and inspect it, because it was not included in the reviewed files. If you proceed, use a Todoist token only with trusted code and confirm any delete or update action before letting the agent run it.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user could give their Todoist token and account control to a CLI wrapper whose code and provenance were not included in the reviewed package.

Why it was flagged

The reviewed manifest contains only SKILL.md and no install spec or code files, so the referenced CLI executable is not available for review. That matters because the same skill requires a Todoist API token and documents account mutation commands.

Skill content

chmod +x ~/clawd/skills/todoist/scripts/todoist ... CLI Location ... ~/clawd/skills/todoist/scripts/todoist

Recommendation

Verify and inspect the exact CLI script before use, and prefer a package that includes or pins the helper code and declares its dependencies and credential requirements.

What this means

Anyone or any code with access to this token may be able to read or modify the user's Todoist data.

Why it was flagged

The skill relies on a Todoist API token. This is expected for managing Todoist, but the token is sensitive account authority and is not declared in the registry metadata.

Skill content

export TODOIST_API_TOKEN="your_token_here"

Recommendation

Use a Todoist token only with trusted code, keep it out of logs and shared shells, and revoke/regenerate it if exposure is suspected.

What this means

Mistaken or overly broad use could modify or delete tasks, projects, comments, labels, or sections in the user's Todoist account.

Why it was flagged

The skill documents commands that can change or delete Todoist account data. These commands fit the stated manager purpose, but they are high-impact if run on the wrong IDs or without user confirmation.

Skill content

todoist update TASK_ID ... todoist delete-task TASK_ID ... todoist delete-project PROJECT_ID ... todoist delete-comment COMMENT_ID

Recommendation

Require clear user intent before destructive or account-mutating actions, show the target ID/name, and confirm deletes before running them.