apideck-libraries/clickup
providers/claude/plugin/skills/clickup/SKILL.md
ClickUp via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to ClickUp's native API. Use when the user wants to call ClickUp (no unified API resource mapping). Routes through Apideck with serviceId "clickup".
$ install --global
skillsauthnpx skillsauth add apideck-libraries/api-skills clickupInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 4:26 AM72.6s1 file scanned
SKILL.md
- name:
- clickup
- description:
- |
- license:
- Apache-2.0
- alwaysApply:
- false
- author:
- apideck
- version:
- 1.0.0
- serviceId:
- clickup
- proxyOnly:
- true
- unifiedApis:
- []
- authType:
- oauth2
- tier:
- 2
- verified:
- true
- status:
- beta
ClickUp (via Apideck Proxy)
Access ClickUp through Apideck's Proxy API with managed Vault auth. Apideck stores credentials, refreshes tokens, and forwards your HTTP calls to ClickUp's native API — you keep using ClickUp's own request and response shapes, while Apideck eliminates per-tenant credential plumbing and gives you a single auth integration shared across every Apideck connector.
Auth-only / proxy-only connector. Apideck does not map ClickUp to a unified-API resource model — your code talks ClickUp's own API directly through the Proxy. You still get Vault credential storage, token refresh, retries, and a consistent request envelope.
Quick facts
- Apideck serviceId:
clickup - Mode: Proxy-only (no unified API resources)
- Auth type: oauth2
- Status: beta
- Apideck setup guide: OAuth credentials
- Gotchas: page
- ClickUp docs: https://clickup.com/api
- Homepage: https://clickup.com/
When to use this skill
Activate this skill when the user wants to call ClickUp via Apideck — for example, "call the ClickUp API" or "fetch data from ClickUp". This skill teaches the agent:
- That ClickUp routes through Apideck's Proxy API, not a unified resource API
- The correct
serviceIdto pass on every call (clickup) - How to keep using ClickUp's native request/response shapes while Apideck handles Vault auth
If you need a unified-API surface (one method shape across many vendors), see the connector skills in this catalog whose serviceId is mapped to a unified API.
Auth
- Type: OAuth 2.0
- Managed by: Apideck Vault — Apideck handles the full OAuth dance (authorization code flow, token exchange, refresh). Never ask the user for API keys or tokens directly.
- User setup: Users authorize via the Vault modal. Connection state progresses
available → added → authorized → callable. - Token refresh: automatic. Expired tokens are refreshed transparently on the next API call.
Calling ClickUp via the Proxy API
Send any HTTP request to https://unify.apideck.com/proxy. Apideck looks up the user's stored ClickUp credentials by x-apideck-consumer-id + x-apideck-service-id, injects them on the way out, and returns ClickUp's raw response.
curl 'https://unify.apideck.com/proxy' \
-H "Authorization: Bearer ${APIDECK_API_KEY}" \
-H "x-apideck-app-id: ${APIDECK_APP_ID}" \
-H "x-apideck-consumer-id: ${CONSUMER_ID}" \
-H "x-apideck-service-id: clickup" \
-H "x-apideck-downstream-url: <target endpoint on ClickUp>" \
-H "x-apideck-downstream-method: GET"
For POST/PATCH/PUT/DELETE, change x-apideck-downstream-method and pass the body as you would to ClickUp directly. Apideck does not transform the body — it forwards bytes.
See ClickUp's API docs for available endpoints.
See also
- Apideck OAuth setup guide for ClickUp
- ClickUp gotchas
- Apideck Proxy API reference
apideck-rest— REST patterns including the Proxyapideck-best-practices— Vault, error handling, retriesapideck-unified-api— when to use unified vs proxy- ClickUp official docs
Related Skills
apideck-libraries/jira-teams
development
VerifiedTrustedCommunity
Jira Teams via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Teams's native API. Use when the user wants to call Jira Teams (no unified API resource mapping). Routes through Apideck with serviceId "jira-teams".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jira-service-desk
development
VerifiedTrustedCommunity
Jira Service Desk via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Service Desk's native API. Use when the user wants to call Jira Service Desk (no unified API resource mapping). Routes through Apideck with serviceId "jira-service-desk".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jira-data-center
development
VerifiedTrustedCommunity
Jira Data Center via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to Jira Data Center's native API. Use when the user wants to call Jira Data Center (no unified API resource mapping). Routes through Apideck with serviceId "jira-data-center".
2SKILL.mdUpdated Apr 27, 2026
apideck-libraries/jetbrains-youtrack
development
VerifiedTrustedCommunity
JetBrains YouTrack via Apideck's Proxy API + managed Vault auth — Apideck handles auth and proxies HTTP calls to JetBrains YouTrack's native API. Use when the user wants to call JetBrains YouTrack (no unified API resource mapping). Routes through Apideck with serviceId "jetbrains-youtrack".
2SKILL.mdUpdated Apr 27, 2026