Todokan Review Loop

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Todokan automation skill that reads AI-enabled tasks, posts comments, may attach documents, and moves tasks to review without hidden code or unrelated behavior.

Install only if you want Todokan items sent to AI to be handled automatically. Use a dedicated narrowly scoped API key, limit accessible boards or habitats, test on a non-production or beta board first, and monitor early runs for unwanted comments, document attachments, or status changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The README explicitly describes an autonomous workflow that reads comment context, posts reply comments, and moves tasks between states, but it does not prominently warn that enabling the skill will modify live board data. In an automation/cron context, this increases the chance of unintended writes, spammy replies, or workflow disruption because operators may treat it as a passive review tool rather than an active mutating bot.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal