Todokan Review Loop

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill appears coherent and purpose-aligned, but it gives an AI agent Todokan read/write authority to autonomously comment on and move AI-enabled tasks.

Install this only if you want an AI agent to handle Todokan tasks that are sent to AI, post comments, and move them to review/done. Use a restricted Todokan API key, limit the boards or habitats available to the MCP server, test privately first, and monitor early runs for unwanted comments or status changes.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may post visible task comments and move selected Todokan tasks without asking for confirmation each time.

Why it was flagged

The skill instructs the agent to use MCP to write comments and change task status. This is expected for a Todokan review-loop skill, but it is still workspace mutation authority.

Skill content
Add a new MCP comment ... Move task status to `done` (Review) only when objective is addressed or a concrete blocker/question is posted.
Recommendation

Use least-privilege Todokan scopes, test on a limited board first, and monitor comments/status changes during early runs.

What this means

A compromised or over-scoped key could allow broader Todokan task/comment access than intended.

Why it was flagged

The documented setup requires a Todokan API key with read and write permissions. These permissions are purpose-aligned, but they delegate account authority to the agent.

Skill content
Minimum practical scopes:
- `boards:read`
- `tasks:read`
- `tasks:write`
- `comments:read`
- `comments:write`
Recommendation

Create a dedicated Todokan key with only the needed scopes and rotate or revoke it when the automation is no longer needed.

What this means

Todokan task, board, and comment contents may be read or updated through the configured MCP connection.

Why it was flagged

The skill uses an external Todokan MCP endpoint authenticated with a bearer token. This is disclosed and expected, but task and comment data flows through that integration.

Skill content
"url": "https://todokan.com/mcp",
"headers": {
  "Authorization": "Bearer kb_live_YOUR_API_KEY"
}
Recommendation

Verify the MCP URL is the official Todokan endpoint and avoid using keys that grant access outside the intended workspace or boards.
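One way to act on this recommendation and on the scope recommendation for the previous finding is to lint the MCP server entry and the key's granted scopes before the skill is ever scheduled. The following is an added example, not part of the skill and not ClawScan's tooling: it treats the endpoint quoted above as the only acceptable MCP URL, treats the skill's documented minimum scopes as the ceiling for the key, and assumes the MCP host can expand a ${TODOKAN_API_KEY} secret reference in place of a literal key (that syntax, the function names and the sample configs are all assumptions of the example).

```python
from urllib.parse import urlparse

# Endpoint quoted in the skill's install spec. Treating it as the only
# acceptable MCP URL is an assumption of this example.
OFFICIAL_MCP_URL = "https://todokan.com/mcp"

# "Minimum practical scopes" listed in the skill's documentation.
MINIMUM_SCOPES = {"boards:read", "tasks:read", "tasks:write",
                  "comments:read", "comments:write"}

LIVE_KEY_PREFIX = "kb_live_"           # key prefix shown in the skill's example header
PLACEHOLDER = "kb_live_YOUR_API_KEY"   # the unreplaced placeholder from the skill


def check_mcp_server(server: dict) -> list[str]:
    """Return problems with one MCP server entry; an empty list means it passed."""
    problems: list[str] = []

    want = urlparse(OFFICIAL_MCP_URL)
    got = urlparse(server.get("url", ""))
    if got.scheme != "https":
        problems.append(f"url scheme is {got.scheme!r}, expected https")
    # Exact host comparison catches lookalikes such as todokan.com.example.net
    # and userinfo tricks such as https://todokan.com@example.net/mcp.
    if got.hostname != want.hostname:
        problems.append(f"url host {got.hostname!r} is not the official Todokan host {want.hostname!r}")
    if got.path.rstrip("/") != want.path:
        problems.append(f"url path {got.path!r} is not the MCP endpoint {want.path!r}")

    auth = server.get("headers", {}).get("Authorization", "")
    if not auth.startswith("Bearer "):
        problems.append("Authorization header is missing or is not a bearer token")
    else:
        token = auth[len("Bearer "):]
        if token == PLACEHOLDER:
            problems.append("placeholder API key was never replaced")
        elif token.startswith(LIVE_KEY_PREFIX):
            # A literal live key in a config file gets committed, shared and logged.
            # Keep it in the host's secret store and reference it instead
            # (the ${VAR} syntax is an assumption; check what your MCP host expands).
            problems.append("live API key is embedded literally; reference it as ${TODOKAN_API_KEY} instead")
    return problems


def scope_report(granted) -> dict[str, set[str]]:
    """Compare the scopes granted to a key with the documented minimum set."""
    granted = set(granted)
    return {"excess": granted - MINIMUM_SCOPES, "missing": MINIMUM_SCOPES - granted}


if __name__ == "__main__":
    # Constructed configs for illustration.
    as_shipped = {"url": "https://todokan.com/mcp",
                  "headers": {"Authorization": "Bearer kb_live_YOUR_API_KEY"}}
    hardened = {"url": "https://todokan.com/mcp",
                "headers": {"Authorization": "Bearer ${TODOKAN_API_KEY}"}}
    lookalike = {"url": "https://todokan.com.example.net/mcp",
                 "headers": {"Authorization": "Bearer kb_live_abc123"}}
    for name, cfg in [("as_shipped", as_shipped), ("hardened", hardened), ("lookalike", lookalike)]:
        print(name, check_mcp_server(cfg) or "OK")
    print(scope_report({"boards:read", "boards:write", "tasks:read", "tasks:write",
                        "comments:read", "comments:write", "admin"}))
```

Run the check against the MCP config that is actually deployed, and feed scope_report the scope list from the key as Todokan reports it, not the list the skill's README asks for: "excess" is what to strip from the key, "missing" is what the skill will fail on at runtime.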

Note (High Confidence)
ASI10: Rogue Agents
What this means

If connected to a scheduler, the agent can repeatedly process Todokan tasks until the scheduler or credentials are disabled.

Why it was flagged

The artifacts explicitly support recurring automation. This is not hidden persistence, but users should understand it may keep acting on matching tasks while scheduled.

Skill content
This skill is optimized for recurring bot runs:
- pick tasks in `doing`
- process full comment context
- post a high-quality response comment
- move task to `done` (Review) when appropriate
Recommendation

Run it only in intended schedules, keep the `aiEnabled`/board scope tight, and stop the scheduler or revoke the key if behavior is unexpected.
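Monitoring early runs, as this recommendation and the one for the first finding suggest, means checking what the agent actually did against what the skill says it should do. The following is an added example, not ClawScan's tooling and not part of the skill: it assumes a hypothetical JSON-lines action log (the field names run, task, board, ai_enabled, action, from, to and the sample lines are all constructed) and encodes the skill's own loop as guardrails: only tasks on allowed boards that are flagged AI-enabled, only the doing to done move, and done only after the agent posted a comment on that task in the same run. The per-run action cap is an arbitrary example threshold.

```python
import json
from collections import defaultdict

# The only status move the skill documents: pick from `doing`, move to `done`.
ALLOWED_MOVE = ("doing", "done")


def parse_log(text: str) -> list[dict]:
    """Parse a JSON-lines action log (hypothetical format); blank lines are skipped."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def audit_run(events: list[dict], allowed_boards: set[str],
              max_actions: int = 20) -> list[tuple[str, str]]:
    """Check one run's events against the skill's documented behaviour.

    Returns (task, reason) pairs; an empty list means the run stayed in bounds.
    """
    findings: list[tuple[str, str]] = []
    commented: set[str] = set()   # tasks the agent commented on earlier in this run
    for ev in events:
        task = ev["task"]
        if ev.get("board") not in allowed_boards:
            findings.append((task, f"action on board {ev.get('board')!r} outside the allowed set"))
        if not ev.get("ai_enabled", False):
            findings.append((task, "action on a task that is not AI-enabled"))
        if ev["action"] == "comment":
            commented.add(task)
        elif ev["action"] == "status":
            move = (ev.get("from"), ev.get("to"))
            if move != ALLOWED_MOVE:
                findings.append((task, f"unexpected status move {move[0]!r} -> {move[1]!r}"))
            # The skill moves to done only after posting its response or a
            # blocker/question, so a silent move to done is worth a look.
            if ev.get("to") == "done" and task not in commented:
                findings.append((task, "moved to done without a comment in this run"))
        else:
            findings.append((task, f"unknown action {ev['action']!r}"))
    # A scheduled loop that suddenly touches many tasks is the "rogue agent" case.
    if len(events) > max_actions:
        findings.append(("*", f"{len(events)} actions in one run exceeds the cap of {max_actions}"))
    return findings


def audit_log(text: str, allowed_boards: set[str], max_actions: int = 20) -> dict[str, list]:
    """Group events by run id and audit each run separately."""
    runs: dict[str, list[dict]] = defaultdict(list)
    for ev in parse_log(text):
        runs[ev["run"]].append(ev)
    return {run: audit_run(evs, allowed_boards, max_actions) for run, evs in runs.items()}


# Constructed sample: one scheduled run that misbehaves in four different ways.
SAMPLE_LOG = """\
{"run": "r1", "task": "T-101", "board": "eng", "ai_enabled": true, "action": "comment", "body": "Implemented; see PR"}
{"run": "r1", "task": "T-101", "board": "eng", "ai_enabled": true, "action": "status", "from": "doing", "to": "done"}
{"run": "r1", "task": "T-102", "board": "eng", "ai_enabled": true, "action": "status", "from": "doing", "to": "done"}
{"run": "r1", "task": "T-200", "board": "ops", "ai_enabled": true, "action": "comment", "body": "Which environment?"}
{"run": "r1", "task": "T-103", "board": "eng", "ai_enabled": false, "action": "comment", "body": "Drafted a plan"}
{"run": "r1", "task": "T-104", "board": "eng", "ai_enabled": true, "action": "status", "from": "todo", "to": "done"}
"""

if __name__ == "__main__":
    for run, findings in audit_log(SAMPLE_LOG, allowed_boards={"eng"}).items():
        print(run, "OK" if not findings else "")
        for task, reason in findings:
            print(f"  {task}: {reason}")
```

Any non-empty result is a reason to pause the scheduler and revoke the key while you look; T-101 in the sample is the only task handled the way the skill describes.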