Microsoft To Do

Manage Microsoft To Do tasks via the `todo` CLI. Use when user wants to add, list, complete, remove tasks, manage subtasks (steps), notes, or organize task lists.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 1 · 1.5k · 4 current installs · 4 all-time installs

by@underwear

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description (Microsoft To Do via a 'todo' CLI) match the requested binary and the runtime instructions. The CLI operations (add/list/complete/remove tasks, subtasks, notes, lists) are coherent with the stated purpose.

✓

Instruction Scope

SKILL.md instructs the agent to run the 'todo' commands, perform OAuth in a browser, and store credentials under ~/.config/microsoft-todo-cli; it does not ask the agent to read unrelated system files, other skills' credentials, or exfiltrate data to unexpected endpoints. The only external endpoints are Microsoft/Azure (expected for OAuth).

ℹ

Install Mechanism

Install uses a Python package (uv/pip) 'microsoft-todo-cli' which will create the 'todo' binary. Installing from PyPI/pip is a common pattern but carries moderate trust risk compared with purely instruction-only skills — verify the package origin and publisher before installing.

ℹ

Credentials

No environment variables are required, which is consistent. The instructions do require creating a local config file (~/.config/microsoft-todo-cli/keys.yml) containing client_id and client_secret; this is proportional to performing OAuth but is sensitive (client_secret stored on disk). The registry metadata did not declare the config path even though the SKILL.md references it — a minor metadata inconsistency.

✓

Persistence & Privilege

always:false and user-invocable:true — normal. The skill will create config and token files under the user's home config directory (expected). It does not request system-wide changes or other skills' configuration.

Assessment

This skill is internally consistent for providing a Microsoft To Do CLI, but before installing you should: 1) verify the pip package and GitHub repository authorship (ensure the package name and repo match and are from a trusted maintainer); 2) inspect the package source (or the GitHub repo) if possible because the registry entry is instruction-only and the actual code will be installed from PyPI; 3) be aware that you must create a keys.yml containing client_id and client_secret — store that file securely (restrict filesystem permissions) or prefer a secrets manager if possible; 4) confirm the package's behavior on first run (where token.json is created) and that OAuth redirects to the expected localhost URL; and 5) avoid installing if you cannot confirm the package's provenance or if you prefer not to place client secrets in a local file.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk976q6xkvxf0avk0mmt8dp1c4180n3psmicrosoftvk976q6xkvxf0avk0mmt8dp1c4180n3psproductivityvk976q6xkvxf0avk0mmt8dp1c4180n3pstasksvk976q6xkvxf0avk0mmt8dp1c4180n3pstodovk976q6xkvxf0avk0mmt8dp1c4180n3ps

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

✅ Clawdis

Binstodo

Install

Install microsoft-todo-cli (pip/uv)

Bins: todo

uv tool install microsoft-todo-cli

SKILL.md

Microsoft To Do CLI

Manage tasks in Microsoft To Do using the todo command.

References

references/setup.md (Azure app registration + OAuth configuration)

Prerequisites

todo CLI installed (pip install microsoft-todo-cli)
Microsoft Azure app registered (see references/setup.md)
Credentials configured at ~/.config/microsoft-todo-cli/keys.yml
First run completes OAuth flow in browser

Commands

Tasks

# List tasks
todo tasks --json                        # Default list
todo tasks Work --json                   # Specific list
todo tasks --due-today --json            # Due today
todo tasks --overdue --json              # Past due
todo tasks --important --json            # High priority
todo tasks --completed --json            # Done tasks
todo tasks --all --json                  # Everything

# Create task
todo new "Task name" --json              # Basic
todo new "Task" -l Work --json           # In specific list
todo new "Task" -d tomorrow --json       # With due date
todo new "Task" -r 2h --json             # With reminder
todo new "Task" -d mon -r 9am --json     # Due Monday, remind 9am
todo new "Task" -I --json                # Important
todo new "Task" -R daily --json          # Recurring daily
todo new "Task" -R weekly:mon,fri --json # Specific days
todo new "Task" -S "Step 1" -S "Step 2" --json  # With subtasks
todo new "Task" -N "Note content" --json      # With note

# Update task
todo update "Task" --title "New" --json
todo update "Task" -d friday -I --json

# Complete/Uncomplete
todo complete "Task" --json
todo complete 0 1 2 --json               # Batch by index
todo uncomplete "Task" --json

# Delete
todo rm "Task" -y --json

Subtasks (Steps)

todo new-step "Task" "Step text" --json
todo list-steps "Task" --json
todo complete-step "Task" "Step" --json
todo uncomplete-step "Task" "Step" --json
todo rm-step "Task" 0 --json

Notes

todo note "Task" "Note content"
todo show-note "Task"
todo clear-note "Task"

Lists

todo lists --json
todo new-list "Project X" --json
todo rename-list "Old" "New" --json
todo rm-list "Project X" -y --json

Task Identification

Method	Stability	Use Case
`--id "AAMk..."`	Stable	Automation, scripts
Index (`0`, `1`)	Unstable	Interactive only
Name (`"Task"`)	Unstable	Unique names only

Use ID for multi-step operations:

ID=$(todo new "Task" -l Work --json | jq -r '.id')
todo complete --id "$ID" -l Work --json

Date & Time Formats

Type	Examples
Relative	`1h`, `30m`, `2d`, `1h30m`
Time	`9:30`, `9am`, `17:00`, `5:30pm`
Days	`tomorrow`, `monday`, `fri`
Date	`2026-12-31`, `31.12.2026`
Keywords	`morning` (7:00), `evening` (18:00)

Recurrence Patterns

Pattern	Description
`daily`	Every day
`weekly`	Every week
`monthly`	Every month
`yearly`	Every year
`weekdays`	Monday to Friday
`weekly:mon,wed,fri`	Specific days
`every 2 days`	Custom interval

Aliases

Alias	Command
`t`	`tasks`
`n`	`new`
`c`	`complete`
`d`	`rm`
`sn`	`show-note`
`cn`	`clear-note`

Notes

Always use --json for all commands to get structured output
Always use -y with rm commands to skip confirmation
Use --id with -l ListName for list context
First run opens browser for OAuth authentication

Files

2 total

Select a file

Select a file to preview.

Comments

Loading comments…