Todoist

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Todoist helper skill; its main risks are normal CLI installation and access to your Todoist tasks, not hidden or malicious behavior.

Install this only if you want your agent to use Todoist through the td CLI. Review or pin the upstream Todoist CLI before running the setup commands if you are cautious about supply-chain risk, and be aware that generic task or agenda requests may cause the agent to consult your Todoist data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill’s trigger description is broad enough to activate on many ordinary requests about tasks, agendas, or checklists, which can cause the agent to invoke this skill in contexts the user did not intend. Because the skill supports state-changing operations such as add, update, complete, move, and delete, over-triggering increases the risk of unintended access to personal Todoist data or accidental modification of tasks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal