Skill v1.0.1
ClawScan security
ticktick-official-cli · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 9:31 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary
- The skill's code, instructions, and network endpoints match its stated purpose (official Dida365 OAuth + Open API CLI). The only issues are that the registry metadata omits the environment variables and config files the scripts use, and that the skill writes an OAuth token file under your home config directory.
- Guidance
- This skill appears to be what it claims: a local CLI that uses Dida365's OAuth and Open API. Before installing or running it, consider the following.
- 1) The skill will prompt you for a Dida365 client_id and client_secret and may save them to app.env; it also saves an access token to token.env. Both files live under ~/.config/ticktick-official/. Review or delete them if you stop using the skill.
- 2) The registry metadata does not declare the env vars or the token file location even though the scripts use them. Treat this as a documentation/metadata omission, and confirm that you supply credentials only to the official developer console (https://developer.dida365.com) and that the authorization and API URLs point at dida365.com / api.dida365.com.
- 3) The skill starts a local HTTP listener on localhost/127.0.0.1 to receive the OAuth callback. Make sure the port it uses is free and not blocked, that the listener is bound only to the loopback address, and that the redirect URI registered for your app matches it.
- 4) If you do not trust the source, inspect the bundled scripts yourself (they are included) before running them. For higher assurance, verify code signatures or obtain the tool from an official upstream repository.
Review Dimensions
- Purpose & Capability
- Status: ok. Name/description claim: use the official Dida365 OAuth and Open API to manage TickTick (Dida365) tasks. The included scripts implement the OAuth flow, token exchange, a local callback listener, and an API client for api.dida365.com. No unexpected third-party services or unrelated credentials are requested in the code, and network calls are limited to dida365.com / api.dida365.com, consistent with the stated purpose.
- Instruction Scope
- Status: note. SKILL.md instructs the user (and agent) to run the bundled scripts in the skill directory, create a Dida365 app, perform setup/login, and use the CLI for project/task operations. The scripts start a local HTTP callback listener for OAuth and save an access token to ~/.config/ticktick-official/token.env. The --item-json option also accepts a leading '@' to read the payload from a local file. These behaviors are expected for an OAuth client, but they mean the skill will read files the user explicitly points it at and persist a token to the user's home config directory.
- Install Mechanism
- Status: ok. No install spec (instruction-only) and no remote download; all code is bundled with the skill. Dependencies are declared inside the script headers (httpx, typer, pydantic, rich), which is reasonable for a Python CLI that talks HTTP. There are no suspicious external installers or obscure download URLs.
- Credentials
- Status: concern. The registry metadata lists no required env vars or primary credential, but the code and SKILL.md clearly use or mention environment variables and local config files: TICKTICK_CLIENT_ID, TICKTICK_CLIENT_SECRET, TICKTICK_REDIRECT_URI, TICKTICK_TOKEN, TICKTICK_BASE_URL, and the token/app env files under ~/.config/ticktick-official/. The skill persists an access token to ~/.config/ticktick-official/token.env. Omitting these requirements from the registry metadata is an inconsistency (likely an oversight rather than malice), but it is worth calling out because you should know the skill handles OAuth credentials and stores a token on disk.
- Persistence & Privilege
- Status: note. The skill writes persistent files under the user's home config directory (~/.config/ticktick-official/), including the OAuth token and, optionally, the saved app credentials. Its always flag is false, and it does not modify other skills or system-wide configs. Persistent storage of an access token is expected for an OAuth CLI, but users should know the token file exists and can be deleted if desired.
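The Guidance items above (confirm the endpoints are dida365.com hosts; inspect the bundled scripts) and the Credentials and Persistence dimensions (a token persisted to ~/.config/ticktick-official/token.env) both reduce to checks a user can run locally before trusting the skill. The script below is an added example written for this review, not ClawHub's scanner and not the skill's own code. It assumes the layout the report describes (Python scripts in the skill directory, token.env in a config directory) and treats dida365.com and its subdomains plus the loopback names as the allowed hosts; the sample files it scans are constructed in a temp directory, not real skill files.

```python
"""Pre-install checks for a bundled OAuth CLI skill (added example, not the skill's code)."""
import os
import re
import stat
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Assumed allowlist derived from the review: dida365.com (and subdomains such as
# api.dida365.com / developer.dida365.com) plus the loopback names the callback uses.
ALLOWED_HOSTS = {"dida365.com", "localhost", "127.0.0.1"}

# Finds http(s) URL literals in source text; enough to surface hard-coded endpoints.
URL_RE = re.compile(r"https?://[^\s'\"<>)]+")


def host_allowed(host: str, allowed=ALLOWED_HOSTS) -> bool:
    """Exact match or a subdomain of an allowed host; 'dida365.com.evil.example' is rejected."""
    host = host.lower()
    return any(host == a or host.endswith("." + a) for a in allowed)


def hosts_in_source(source: str) -> set:
    """Every hostname that appears in a URL literal in the given source text."""
    hosts = set()
    for match in URL_RE.finditer(source):
        parsed = urlparse(match.group(0))
        if parsed.hostname:
            hosts.add(parsed.hostname.lower())
    return hosts


def unexpected_hosts(skill_dir: Path) -> dict:
    """Map each bundled .py file to the hosts it references outside the allowlist."""
    findings = {}
    for path in sorted(skill_dir.rglob("*.py")):
        bad = {h for h in hosts_in_source(path.read_text(errors="replace")) if not host_allowed(h)}
        if bad:
            findings[path.name] = bad
    return findings


def token_file_issues(token_env: Path) -> list:
    """The persisted token should be readable by the owner only and carry TICKTICK_TOKEN."""
    issues = []
    if not token_env.exists():
        return issues  # nothing persisted yet, nothing to check
    mode = stat.S_IMODE(token_env.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        issues.append(f"{token_env.name} is readable by group/others (mode {mode:o}); chmod 600 it")
    if "TICKTICK_TOKEN=" not in token_env.read_text():
        issues.append(f"{token_env.name} does not define TICKTICK_TOKEN; contents may not be what you expect")
    return issues


def run_demo() -> dict:
    """Run both checks over constructed stand-in files in a temp dir (not real skill files)."""
    with tempfile.TemporaryDirectory() as tmp:
        skill = Path(tmp) / "skill"
        skill.mkdir()
        # Constructed stand-ins: one script using only expected hosts, one with a stray endpoint.
        (skill / "api.py").write_text(
            'BASE = "https://api.dida365.com/open/v1"\n'
            'AUTH = "https://dida365.com/oauth/authorize"\n'
            'REDIRECT = "http://localhost:8080/callback"\n'
        )
        (skill / "helper.py").write_text('REPORT = "https://telemetry.example.net/collect"\n')

        cfg = Path(tmp) / "ticktick-official"
        cfg.mkdir()
        token = cfg / "token.env"
        token.write_text("TICKTICK_TOKEN=constructed-placeholder\n")
        os.chmod(token, 0o644)  # world-readable: should be flagged
        before = token_file_issues(token)
        os.chmod(token, 0o600)  # owner-only: should be clean
        after = token_file_issues(token)

        return {
            "unexpected_hosts": unexpected_hosts(skill),
            "token_issues_before": before,
            "token_issues_after": after,
        }


if __name__ == "__main__":
    # Against a real install, call unexpected_hosts(Path("<skill dir>")) and
    # token_file_issues(Path.home() / ".config/ticktick-official/token.env") instead.
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The URL scan is a static sanity check, not proof: it only sees string literals, so a script that assembles hosts at runtime would pass it. It is still the quickest way to confirm that the review's claim (network calls limited to dida365.com / api.dida365.com) matches what is actually in the bundle, and the permission check catches the most common way a persisted OAuth token leaks on a shared machine.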
