Microsoft To Do
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent with the Maton API key may be able to access the connected Microsoft To Do integration according to the permissions granted.
The skill requires a sensitive API key and delegated Microsoft To Do access, which is expected for the integration but should be treated as account authority.
All requests require the Maton API key in the Authorization header.
Use this only with a trusted Maton account, protect the MATON_API_KEY, and revoke or rotate it if it is exposed.
If the user approves the wrong action or account, tasks or task lists could be created, changed, or deleted.
The skill exposes write and delete operations against Microsoft To Do, but it also instructs the agent to get explicit approval before using them.
All write operations require explicit user approval. Before executing any create, update, or delete call, confirm the target resource and intended effect with the user.
Before approving writes, verify the Microsoft account, list name, task ID/title, and the exact intended change.
Microsoft To Do data and operations pass through a third-party API gateway, so the user is relying on Maton’s handling of OAuth and request routing.
Requests and task data are mediated by the Maton gateway before reaching Microsoft Graph, which is disclosed and central to the managed OAuth design.
Maton proxies requests to `graph.microsoft.com` and automatically injects your OAuth token.
Review Maton’s account and privacy expectations, and use the Maton-Connection header when multiple Microsoft To Do connections exist.
