Todoist MCP Server
MCP server for Todoist API
Critical Issues
Security ScoreF
Vulnerabilities Found
Quality ScoreC
Maintenance67
Popularity27
Documentation56
Available Documentation
Compatibility78
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
This server has at least one issue specific to AI-agent/MCP execution flows.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(9)
READMETodoist MCP Server
View sourceTodoist MCP Server
⚠️ CREDENTIAL EXPOSURE WARNING ⚠️
Issue
The Todoist API token is logged to console output when debug mode is enabled.
Risk
- Token visible in terminal history
- Token captured in log files
- Token exposed to other processes
Mitigation
- Never enable debug mode with real credentials
- Rotate API token if exposed
- Use environment variables
Status
Fixed in v0.3.0, upgrade required.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/todoist-mcp-vuln)Server Information
- Source
- GITHUB
- Package
- todoist-mcp-server
- Version
- 1.0.7
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026