v1.0.3

Taskify CLI

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 7:32 AM.

Analysis

This appears to be a legitimate Taskify CLI helper, but users should notice that it installs and uses an external CLI, local Nostr identity, relays, and optional AI forwarding for task data.

Guidance: Install only if you trust the taskify-nostr package and the relays/backends you plan to use. Use a dedicated profile if possible, keep private keys out of prompts, and ask the agent to confirm before deleting, bulk-clearing, importing, changing relays, or using AI commands on sensitive tasks.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
npm install -g taskify-nostr

The skill directs users to install an external npm CLI package. This is disclosed and central to the purpose, but the package is not bundled or pinned in the provided artifacts.

User impact: Installing the CLI gives that external package local execution ability under the user's account.
Recommendation: Verify the npm package and GitHub source before installing, prefer a user-local install on shared systems, and consider pinning a known-good version.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
references/boards.md
taskify board clear-completed <board>          # delete all completed tasks

The command reference includes bulk/destructive task and board operations. These are aligned with a task-management CLI, but they can materially change user data.

User impact: An agent using these commands could remove or alter task records if the user gives broad or ambiguous instructions.
Recommendation: Require explicit user confirmation for deletes, bulk clears, imports, relay changes, and board administration actions.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Run the onboarding wizard — it generates or imports a Nostr keypair and stores it securely in the local CLI config

The CLI operates using a persistent Nostr identity. The artifact says the skill should not expose private keys, but the installed CLI will still rely on local credential material to publish and manage tasks.

User impact: Commands can act as the configured Nostr identity to read, create, update, delete, and sync Taskify data.
Recommendation: Use a dedicated Taskify/Nostr identity where possible, protect the local CLI config, and never paste private keys into agent prompts or shared environments.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
SKILL.md
`taskify agent` commands forward task text to an external AI backend

The skill discloses that AI-assisted commands can send task text to a configured external backend. This is purpose-aligned and warned about, but task data may be sensitive.

User impact: Task titles, notes, or task lists may be shared with an external AI provider if agent subcommands are used.
Recommendation: Do not use AI subcommands on sensitive boards unless the backend is trusted or self-hosted, and keep relay choices limited to relays you control or trust.