Security audit

Ticktick CLI (Full Edition)

Security checks across malware telemetry and agentic risk

Overview

This is a TickTick CLI helper with expected account access and mutation capabilities, but users should handle credentials and full sync output carefully.

Install only if you are comfortable giving the skill access to your TickTick account. Keep .env files, tokens, usernames, and passwords out of chat logs and version control, prefer a local virtual environment, confirm destructive operations before they run, and avoid raw sync output unless you specifically need a full-account export or diagnostic view.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The documentation directs users to place highly sensitive OAuth client secrets, access tokens, usernames, and passwords into a plain `.env` file, but provides no warning about secure storage, file permissions, or exclusion from version control. In an agent skill context, this is more dangerous because users may follow the instructions mechanically and expose reusable credentials to local compromise, shell history, backups, or accidental commits.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The documentation explicitly promotes `ticktick sync --json` as emitting a raw full-account sync payload for diagnostics/export-style inspection, but it does not warn that this output may contain highly sensitive account data such as tasks, metadata, project structure, habits, preferences, and other personal content. In an agent setting, this increases the chance that a model will retrieve, display, log, or transmit bulk private data when a narrower command would have satisfied the user’s need.

VirusTotal

63/63 vendors flagged this skill as clean.