Tasks

Security checks across malware telemetry and agentic risk

Overview

This skill is a small Todoist CLI helper with expected task-account access, though its Microsoft To-Do token reference is unclear and should be treated cautiously.

Install only if you expect the agent to use a Todoist CLI that can read and modify your tasks. Prefer a narrowly scoped Todoist token, do not provide a Microsoft Graph token unless the publisher clearly documents supported Microsoft To-Do behavior, and verify the pip package before installing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The skill manifest and installation metadata describe a Todoist-only CLI, but the documentation claims broader support for Microsoft To-Do and use of an alternate `MSGRAPH_TOKEN`. That mismatch can mislead users and agents about what services the skill accesses and what credentials are appropriate, increasing the risk of unintended token exposure, misconfiguration, or use of unsupported integrations.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill states that API tokens are required but does not clearly disclose that task content will be transmitted to external third-party services such as Todoist, and it ambiguously references Microsoft To-Do as well. Because task titles and due dates may contain sensitive work or personal information, the missing disclosure can cause users to unknowingly send confidential data off-system.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal