Trello
ReviewAudited by ClawScan on May 7, 2026.
Overview
This is a coherent Trello integration, but it uses Maton OAuth/API credentials and can change Trello data, so users should confirm the account and each write action.
Before installing, make sure you trust Maton to proxy Trello API requests, use the correct Trello connection ID if you have multiple accounts, keep your MATON_API_KEY private, and require clear confirmation before any Trello create, update, or delete operation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent could create, update, or delete Trello resources in the connected account.
The skill can perform Trello write operations that affect project-management data, but the artifact explicitly instructs the agent to get user approval first.
Manage boards, lists, cards, checklists, labels, and members... All write operations require explicit user approval. Before executing any create, update, or delete call, confirm the target resource and intended effect with the user.
Approve only specific Trello changes after checking the board, list, card, member, or label being modified.
The agent can act within the privileges of the connected Trello account.
The skill requires a Maton API key and a Trello OAuth connection, giving the integration delegated access to the connected Trello account.
Access the Trello API with managed OAuth authentication... export MATON_API_KEY="YOUR_API_KEY"
Use the intended Trello account, keep MATON_API_KEY secret, and revoke the Maton/Trello connection when it is no longer needed.
Trello request data and returned board/card information may pass through Maton's API service.
Trello API requests and responses flow through the Maton gateway, which is an external data boundary and credential-handling service.
Base URL: https://api.maton.ai/trello/{native-api-path}... Maton proxies requests to `api.trello.com` and automatically injects your OAuth token.Install only if you trust Maton as an OAuth/API proxy, and avoid sending unnecessary sensitive Trello data through the integration.
Using the CLI requires trusting the external Maton CLI package and its distribution channel.
The setup documentation points to external CLI installation sources that are not included in the provided artifact and therefore were not statically reviewed here.
npm install -g @maton-ai/cli brew install maton-ai/cli/maton
Verify the package source before installing, prefer official Maton documentation, and keep the CLI updated.