todoist
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill communicates exclusively with official Todoist API endpoints at
api.todoist.com, a well-known task management service. - [SAFE]: Sensitive credentials are not hardcoded; the skill correctly instructs the use of an environment variable (
$TODOIST_TOKEN) for authentication. - [COMMAND_EXECUTION]: The skill utilizes standard system utilities
curlandjqfor networking and JSON processing, which are appropriate for the stated purpose of API interaction. - [SAFE]: No patterns for persistence, privilege escalation, or malicious obfuscation were identified in the instructions or command snippets.
Audit Metadata