Andrew Google Tasks

The skill provides legitimate Google Tasks management functionality but contains a security vulnerability in 'scripts/tasks_ops.py' by using the 'pickle' module to load authentication tokens from the user's home directory ('~/.google-tasks-token.pickle'). This is a known risk for Remote Code Execution (RCE) if the local token file is tampered with. Additionally, 'SKILL.md' contains hardcoded environment-specific paths and assumes shared credentials with other Google skills, which increases the potential impact of a credential compromise.