4todo

4to.do Eisenhower Matrix To‑Do List

Goal

• - Use curl to call the 4todo API (https://4to.do/api/v0) to manage:

- workspaces - todos - recurring todos

• - Store the token in a way that is injectable but not leak-prone (prefer OpenClaw per-run env injection; do not paste secrets into prompts, logs, or repo files).

Required Environment Variable

• - FOURTODO_API_TOKEN: your 4todo API token (Bearer token)
• If missing, ask the user to set it via OpenClaw config (do not ask them to paste the token into chat).

Runtime Requirement

• - curl must be available on PATH (and inside the sandbox container, if the agent is sandboxed).

User-facing output rules (important)

• - Be non-technical by default. Focus on outcomes, not implementation.

- Avoid mentioning: curl, endpoints, headers, API mechanics, JSON payloads, config patches. - Mention technical details only when debugging or if the user explicitly asks “how does it work?”.

• - Do not print internal IDs by default:

- Do not show ws_..., todo_..., rec_todo_... unless the user asks. - Refer to workspaces and tasks by name. - If disambiguation is needed (duplicate names), ask a clarifying question and present a short numbered list of names; only offer IDs if the user requests them.

• - Quadrants:

- In chat, prefer plain language: “urgent & important”, “important (not urgent)”, “urgent (not important)”, “neither”. - Use IU | IN | NU | NN internally for API calls. Only show codes if the user uses codes first or explicitly asks.

Examples (preferred)

Workspaces:

CODEBLOCK0

Todos (summary):

CODEBLOCK1

Store / Inject the Token in OpenClaw (recommended)

OpenClaw can inject environment variables only for the duration of an agent run (then restores the original env), which helps keep secrets out of prompts.

Recommended (production): set FOURTODO_API_TOKEN in your Gateway process environment using your hosting provider’s secret store, and do not store tokens in chat logs.

Host runs (not sandboxed): use skills.entries

Edit ~/.openclaw/openclaw.json:

CODEBLOCK2

Notes:

• - skills.entries.<skill>.env is injected only if the variable is not already set.

Sandboxed sessions: use agents.defaults.sandbox.docker.env

When a session is sandboxed, skill env injection does not propagate into the Docker container. Provide the token via Docker env:

CODEBLOCK3

Request Conventions

• - Every request must include Authorization: Bearer <token>.
• Requests with a JSON body must include Content-Type: application/json.
• INLINECODE16 requires a workspace query parameter.
• Quadrants: IU | IN | NU | NN (internal).

Workflow (recommended order)

Copy this checklist and keep it updated while executing:

CODEBLOCK4

1. 1. GET /workspaces: pick a target ws_... (usually the default workspace).
2. INLINECODE21: fetch todos (grouped by quadrant).
3. Create: POST /todos.
4. Complete: POST /todos/:id/complete (idempotent).
5. Reorder / move quadrant: POST /todos/reorder.
6. Recurring todos: use the /recurring-todos endpoints.

HTTP Examples (curl)

This skill intentionally uses curl for maximum portability across OSes and environments.

Notes:

• - HTTPS only (https://4to.do/api/v0).
• Always pass the token via FOURTODO_API_TOKEN (never paste tokens into chat).

CODEBLOCK5
Note: if moved_todo_id starts with rec_todo_, the API updates only the recurring todo quadrant and ignores previous_todo_id/next_todo_id.

Common Error Handling (agent guidance)

• - 401 token_expired / invalid_token: stop retrying; ask the user to create a new token in 4todo settings and update OpenClaw config.
• INLINECODE33: the workspace is read-only; do not retry mutations; switch workspace or prompt user to upgrade/unlock.
• INLINECODE34: honor Retry-After / X-RateLimit-* and back off before retry.
• INLINECODE37: ensure quadrant is one of IU|IN|NU|NN.

Reference

• - Full API doc bundled with this skill: INLINECODE39