ClawHub
Back to skill
v1.0.0

Ticktick Linux

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:17 AM.

Analysis

This skill openly uses a local TickTick CLI to list, create, and complete tasks, but users should verify the CLI and credentials because it can access and change their TickTick tasks.

GuidanceInstall only if you trust the local tickrs binary and are comfortable letting the agent list, create, and complete tasks in the authenticated TickTick account. Protect the TickTick client secret and verify task-completion requests before allowing changes.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
/home/david/.cargo/bin/tickrs task create --json --title "{{title}}" ... /home/david/.cargo/bin/tickrs task complete "{{id}}" --json

The skill exposes local CLI commands that can create and complete TickTick tasks using user-provided parameters. This is aligned with the stated purpose, but it can change account data.

User impactThe agent could add tasks or mark tasks complete in the connected TickTick account when this skill is used.
RecommendationReview task creation/completion requests carefully, especially task IDs, project names, and task text. Keep inputs to expected task values and avoid using this skill for accounts where unintended task changes would be serious.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
requires:
  bins: ["/home/david/.cargo/bin/tickrs"]

The skill depends on an external local executable that is not included in the artifact set. The dependency is disclosed and central to the purpose, but its provenance should be checked separately.

User impactThe agent will run whatever executable exists at that path, so an unexpected or tampered binary could act outside the documented TickTick workflow.
RecommendationBefore installing, confirm that /home/david/.cargo/bin/tickrs is the intended TickTick CLI installed from a trusted source and is not writable by untrusted users.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
requires:
  bins: ["/home/david/.cargo/bin/tickrs"]
  env: ["TICKTICK_CLIENT_ID", "TICKTICK_CLIENT_SECRET"]
...
You must authenticate the CLI first by running: `~/.cargo/bin/tickrs init`

The skill requires TickTick credential-related environment variables and an authenticated CLI session. This is expected for a TickTick integration, but it grants access to the user's task data.

User impactWhoever can invoke the skill through the agent may be able to list, create, or complete tasks in the authenticated TickTick account.
RecommendationTreat the client secret and authenticated CLI session as account credentials. Use only a trusted local environment and revoke or rotate credentials if they may have been exposed.