clickup
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate instructions for interacting with ClickUp's API.
- [COMMAND_EXECUTION]: Uses standard curl and jq commands for API interaction and response processing.
- [EXTERNAL_DOWNLOADS]: Network operations are directed at the official ClickUp API domain (api.clickup.com), which is a well-known and trusted service.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection (Category 8) by reading external data like task descriptions and comments. Ingestion points: ClickUp API results processed in SKILL.md. Boundary markers: Absent. Capability inventory: curl and jq subprocess calls, and file-writes to /tmp. Sanitization: Absent. No malicious instructions were found in the skill itself.
Audit Metadata