Skill v1.0.1

ClawScan security

Ticktick Skill For Power Users · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 9, 2026, 12:16 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and required data are consistent with a TickTick CLI: it asks only for OAuth credentials (saved locally) and an optional session cookie for attachments, and does not request unrelated secrets or remote installers.
Guidance
This skill appears to be what it says: a local TickTick CLI. Before installing, consider: (1) You will need to create a TickTick developer app and provide clientId/clientSecret — these are stored under ~/.clawdbot/credentials/ticktick-cli/config.json (the code tries to set restrictive perms but confirm on your system). (2) Attachment upload requires adding a browser session cookie (sessionCookie) to that config — sharing a browser cookie is more sensitive than using OAuth and grants API access tied to your web session; avoid doing this unless you understand the risk. (3) The bundle includes executable Python code; inspect the files if you want to verify behavior, or run in an isolated environment/VM. (4) If you prefer, use the OAuth flow (rather than manual cookie injection) to minimize exposure of browser cookies. If you need more detail about any file or a specific code path, ask and I can walk through it line-by-line.

Review Dimensions

Purpose & Capability
ok: Name/description match the shipped code: the package implements a CLI that calls TickTick APIs (OAuth token exchange, project/task endpoints, attachment upload). No unrelated services or credentials are requested.
Instruction Scope
note: SKILL.md and the code stick to TickTick operations. The runtime instructions require creating a TickTick developer app and running local OAuth flows; they instruct storing tokens in ~/.clawdbot/credentials/ticktick-cli/config.json. Note: attachment uploads require adding a browser session cookie (sessionCookie) to the same config, which is outside OAuth and is sensitive.
Install Mechanism
note: There is no remote install spec in the registry; the SKILL.md suggests pip install -e . or installing requests. All source code is included in the bundle. Installing is local via pip (low risk) — no downloads from unknown URLs or archive extraction from arbitrary hosts.
Credentials
note: The registry declares no environment variables, which is consistent. The skill does store clientId/clientSecret, access/refresh tokens, and optionally a sessionCookie and v2DeviceId in a local config file. Those are required for the stated features (OAuth and attachment uploads) but are sensitive — the code attempts to set restrictive filesystem perms when saving the config.
Persistence & Privilege
ok: The always flag is false and the skill does not request elevated or cross-skill privileges. It writes its own config under ~/.clawdbot/credentials/ticktick-cli; it does not modify other skills or system-wide agent settings.