v1.0.0

Todo Management 1.1.2

Verdict: Benign. ClawScan verdict for this skill. Analyzed May 1, 2026, 5:20 AM.

Analysis

This appears to be a straightforward local SQLite todo manager, but it will run a local Bash script and persist or delete todo data in a workspace database.

Guidance: This skill is reasonable for local todo management. Before installing, be aware that it runs a local shell script, creates or updates a workspace todo.db file, and can delete todo entries when asked. Avoid putting secrets in todo text, and do not run npm install in the skill folder unless the maintainer explains why the dependency exists.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
All changes MUST happen through the CLI:
`bash {baseDir}/scripts/todo.sh ...`

The skill intentionally routes todo mutations through a local Bash CLI, including add, edit, move, remove, and clear operations.

User impact: The agent can change or delete entries in the local todo database when acting on todo-management requests.
Recommendation: Use clear wording for delete or clear requests, and verify IDs when removing ambiguous tasks.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
package.json
"dependencies": {
  "package-lock.json": "^1.0.0"
}

The dependency key `package-lock.json` names an npm registry package, not the lockfile of the same name. Nothing in the Bash/sqlite3-based skill workflow uses it, and neither the README nor the SKILL.md setup instructions reference it.

User impact: If a user unnecessarily runs npm install in this skill folder, it may fetch an unrelated package that is not needed for the todo functionality.
Recommendation: Do not run npm install for this skill unless the maintainer explains the dependency; maintainers should remove or justify the package files.
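A way to catch this class of finding before installing, as an added example that is not part of the ClawScan report or the skill: walk the skill folder, collect every name declared in package.json, and report the ones no script or document mentions. It also flags a dependency key that looks like a filename, since npm resolves such a key as a registry package name. The sample skill folder it builds (SKILL.md, scripts/todo.sh, a hypothetical scripts/helper.js and a hypothetical `yargs` dependency) is constructed here to show a referenced dependency beside an unreferenced one.

```python
"""Flag npm dependencies that nothing else in a skill folder references.

Added example, not code from ClawScan or the Todo Management skill. It
assumes a skill folder laid out like the one in the findings (SKILL.md,
README, scripts/, package.json) and treats a dependency as "referenced"
when its name appears as a whole token in any text file other than
package.json or package-lock.json.
"""
import json
import os
import re
import tempfile

SKIP_FILES = {"package.json", "package-lock.json"}
SKIP_DIRS = {"node_modules", ".git"}
DEP_SECTIONS = ("dependencies", "devDependencies",
                "optionalDependencies", "peerDependencies")


def declared_dependencies(skill_dir):
    """Return the set of package names declared in package.json, all sections."""
    path = os.path.join(skill_dir, "package.json")
    if not os.path.exists(path):
        return set()
    with open(path, encoding="utf-8") as fh:
        manifest = json.load(fh)
    names = set()
    for section in DEP_SECTIONS:
        names.update(manifest.get(section, {}).keys())
    return names


def _text_files(skill_dir):
    """Yield (path, contents) for every readable text file, skipping manifests."""
    for root, dirs, files in os.walk(skill_dir):
        dirs[:] = [d for d in dirs if d not in SKIP_DIRS]
        for name in files:
            if name in SKIP_FILES:
                continue
            path = os.path.join(root, name)
            try:
                with open(path, encoding="utf-8") as fh:
                    yield path, fh.read()
            except (UnicodeDecodeError, OSError):
                continue


def unreferenced_dependencies(skill_dir):
    """Return {package_name: reason} for declared deps nothing else mentions."""
    deps = declared_dependencies(skill_dir)
    if not deps:
        return {}
    corpus = "\n".join(text for _, text in _text_files(skill_dir))
    findings = {}
    for name in sorted(deps):
        # Whole-token match so that e.g. "sqlite3" does not satisfy "sqlite".
        if re.search(r"(?<![\w./-])" + re.escape(name) + r"(?![\w-])", corpus):
            continue
        reason = "not referenced by any script or doc"
        # A key that looks like a filename is still a package NAME to npm;
        # "package-lock.json" is resolved from the registry, not the lockfile.
        if re.search(r"\.(json|lock|js|ts)$", name):
            reason += "; looks like a filename, but npm resolves it as a registry package"
        findings[name] = reason
    return findings


def build_sample_skill():
    """Construct a throwaway skill folder mirroring the finding (sample data)."""
    root = tempfile.mkdtemp(prefix="skill-")
    os.makedirs(os.path.join(root, "scripts"))
    files = {
        "SKILL.md": "All changes MUST happen through the CLI:\n"
                    "`bash {baseDir}/scripts/todo.sh ...`\n",
        "scripts/todo.sh": "#!/usr/bin/env bash\nsqlite3 \"${TODO_DB:-./todo.db}\" \"$@\"\n",
        # Hypothetical helper so the sample has one legitimately referenced dep.
        "scripts/helper.js": "const yargs = require('yargs');\n",
        "package.json": json.dumps({"dependencies": {
            "package-lock.json": "^1.0.0",   # the unexplained key from the finding
            "yargs": "^17.0.0",              # hypothetical, referenced by helper.js
        }}),
    }
    for rel, body in files.items():
        with open(os.path.join(root, rel), "w", encoding="utf-8") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for name, why in unreferenced_dependencies(build_sample_skill()).items():
        print(f"{name}: {why}")
```

Run it against a real skill folder by passing that path to `unreferenced_dependencies`; an empty result means every declared package is at least mentioned somewhere, which is a floor, not proof that the dependency is needed.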
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
A per-workspace SQLite database:
- Default: `./todo.db`
- Override: `TODO_DB=/path/to/todo.db`

Todo text is stored persistently in a workspace SQLite database and may be read back in later sessions.

User impact: Anything placed in the todo list may persist locally and be shown later when the list is requested.
Recommendation: Avoid storing secrets or highly sensitive information as todo text, and set TODO_DB deliberately if using a non-default location.
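The two recommendations that touch the database (verify IDs before removing ambiguous tasks, and keep secrets out of todo text) can both be enforced in front of the store itself. The following is an added example, not the skill's own todo.sh or any ClawScan code: it assumes a minimal schema (id, text, done), resolves the database path the way SKILL.md documents (TODO_DB overrides ./todo.db), refuses to delete by fuzzy text when more than one row matches, and rejects todo text that matches an assumed list of credential patterns.

```python
"""Guard rails around a per-workspace SQLite todo store.

Added example, not the skill's todo.sh and not ClawScan code. Assumes a
minimal schema (id, text, done) and an assumed list of secret patterns;
the skill's real schema and CLI are not shown on the report page.
"""
import os
import re
import sqlite3

# Assumed patterns that indicate a credential rather than a task description.
SECRET_PATTERNS = [
    re.compile(r"AKIA[0-9A-Z]{16}"),                              # AWS access key id
    re.compile(r"\b(?:sk|pk)_(?:live|test)_[0-9A-Za-z]{10,}"),    # Stripe-style keys
    re.compile(r"ghp_[0-9A-Za-z]{36}"),                           # GitHub PAT
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),            # PEM private key
    re.compile(r"(?i)\b(?:password|passwd|secret|token|api[_-]?key)\s*[:=]\s*\S+"),
]


def db_path(env=None):
    """Resolve the database location as documented: TODO_DB overrides ./todo.db."""
    env = os.environ if env is None else env
    return env.get("TODO_DB") or os.path.join(os.getcwd(), "todo.db")


def looks_like_secret(text):
    """True if the todo text matches any of the assumed credential patterns."""
    return any(p.search(text) for p in SECRET_PATTERNS)


class TodoStore:
    def __init__(self, path=":memory:"):
        self.conn = sqlite3.connect(path)
        self.conn.execute(
            "CREATE TABLE IF NOT EXISTS todos ("
            "id INTEGER PRIMARY KEY, text TEXT NOT NULL, "
            "done INTEGER NOT NULL DEFAULT 0)"
        )

    def add(self, text):
        """Insert a todo, refusing text that would persist a credential in todo.db."""
        if looks_like_secret(text):
            raise ValueError("refusing to persist credential-looking text in todo.db")
        cur = self.conn.execute("INSERT INTO todos (text) VALUES (?)", (text,))
        self.conn.commit()
        return cur.lastrowid

    def list_all(self):
        return self.conn.execute(
            "SELECT id, text, done FROM todos ORDER BY id").fetchall()

    def find(self, needle):
        """Resolve free text to candidate (id, text) rows; the caller picks the ID."""
        return self.conn.execute(
            "SELECT id, text FROM todos WHERE text LIKE ?", (f"%{needle}%",)).fetchall()

    def remove(self, todo_id):
        """Delete exactly one row by integer ID, never by fuzzy text."""
        if not isinstance(todo_id, int):
            raise TypeError("remove() takes an integer id; use find() to resolve text first")
        cur = self.conn.execute("DELETE FROM todos WHERE id = ?", (todo_id,))
        self.conn.commit()
        if cur.rowcount != 1:
            raise LookupError(f"no todo with id {todo_id}")
        return todo_id

    def remove_by_text(self, needle):
        """Map text to an ID and delete, refusing when the match is ambiguous."""
        matches = self.find(needle)
        if len(matches) != 1:
            raise LookupError(
                f"{len(matches)} todos match {needle!r}; specify an id instead")
        return self.remove(matches[0][0])


if __name__ == "__main__":
    store = TodoStore(db_path())
    store.add("buy milk")
    store.add("rotate keys for the milk service")
    try:
        store.remove_by_text("milk")          # ambiguous: two rows match
    except LookupError as err:
        print(err)
    print(store.list_all())
```

The split between `find()` and `remove()` is the point: the agent resolves a user's wording to candidate IDs first, and deletion only ever takes an exact ID, so an ambiguous "remove the milk one" cannot silently clear two rows.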