Back to skill

Security audit

topydo

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward guide for using the local topydo todo.txt command-line tool, with normal task-management risks but no evidence of hidden or malicious behavior.

Install topydo only from a package source you trust. Before allowing the agent to run commands that delete, edit, sort, archive, or bulk-complete tasks, ask it to list the affected tasks first and confirm the exact IDs or filter it will use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The description says to use the skill for 'any task management, todo lists, or when the user mentions tasks, todos, or todo.txt,' which is broad enough to trigger in many ordinary conversations. Over-broad invocation increases the chance the agent will select this skill unnecessarily and perform filesystem-affecting CLI operations in contexts where the user did not explicitly ask to manage local todo data.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation includes deletion commands like 'topydo del' and expression-based bulk deletion without any warning, confirmation guidance, or safety constraints. In an agent setting, this can normalize destructive actions and lead to accidental data loss if the skill is invoked from ambiguous user requests or if task selectors match more items than intended.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.