Yatta! - Task & Capacity Management
Warn: Audited by ClawScan on May 10, 2026.
Overview
The skill is a coherent Yatta task manager, but the registry says it can be invoked by the agent and needs no credential even though the docs require a full-access API key and allow destructive account changes.
Only install after confirming the registry metadata has been fixed to show the Yatta API key requirement and manual-only invocation. Treat the API key as full account access, verify the Supabase endpoint, and review every write, delete, calendar-sync, or batch command before running it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the platform honors the registry flag, an agent may be able to invoke this skill without an explicit user command and make account changes such as archiving tasks or modifying projects.
This registry-level flag would allow model invocation even though SKILL.md documents destructive POST, PUT, DELETE, and batch operations that immediately modify the user's Yatta account.
disable-model-invocation: false (default — agent can invoke autonomously, this is normal)
Fix the published metadata so model invocation is disabled, or add enforced confirmations/dry-runs before any write, delete, batch, calendar-sync, or archive operation.
Users may not receive a clear registry-level warning that installing and using the skill involves a full-access account credential.
The registry contract under-declares credentials even though SKILL.md requires YATTA_API_KEY/YATTA_API_URL and states the key grants full account access with no read-only scopes.
Required env vars: none ... Primary credential: none
Publish corrected registry/package metadata declaring YATTA_API_KEY as the primary credential and YATTA_API_URL as configuration; prefer scoped or read-only keys if Yatta adds support.
A user may install the skill believing destructive actions cannot be autonomously invoked, while the registry indicates the opposite.
This safety claim conflicts with the supplied registry flag showing disable-model-invocation as false, which could make users over-trust the manual-only behavior.
🔒 Autonomous invocation disabled - Requires explicit user commands
Align the registry, package metadata, and documentation before distribution; remove or qualify manual-only claims until the platform displays and enforces them correctly.
Mistakes in batch commands can quickly change many tasks or projects and may be hard to reverse.
Batch and real-time account mutations are purpose-aligned and documented, but a wrong ID list or payload could propagate changes across many tasks.
Batch Update Tasks ... AFFECTS MULTIPLE TASKS ... Changes appear in UI immediately ... Undo: Batch update again with previous values (tedious)
Use small test batches first, review generated payloads, and prefer read-only listing commands before any batch update or archive operation.
