Swiggy_T1

v1.0.1

Order food, groceries, and book restaurants in India via Swiggy's MCP servers. Food delivery, Instamart groceries, and Dineout restaurant bookings with safety-first confirmation workflow.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description, package.json MCP endpoints, and CLI commands all align with a Swiggy ordering skill. However, the SKILL.md repeatedly asserts a bundled `swiggy` CLI and Node.js wrapper while the package files provided do not include the CLI binary or any runtime code (no bin/swiggy present). That mismatch is an important incoherence.
! Instruction Scope
Runtime instructions ask the agent to run a local CLI (npm link => global `swiggy`) and to map address aliases from USER.md; they also instruct appending order history to memory/swiggy-orders.json. SKILL.md references reading USER.md and writing memory/swiggy-orders.json but declares no required config paths. The instruction to 'map to actual addresses from USER.md' implies reading a user file not declared in requirements and could access personal address data.
! Install Mechanism
No formal install spec (instruction-only) — normally lower risk — but SKILL.md and package.json claim a CLI that must be linked/installed. The repository as provided lacks the claimed executable (bin/swiggy) and any code files, which is inconsistent and suspicious (either the package is incomplete or intentionally missing runtime artifacts).
Credentials
The skill requests no environment variables or credentials in metadata, which is reasonable because auth is delegated to the `mcporter` skill via OAuth. However, OAuth/token handling is not described (where tokens are stored, what scopes are requested), and the skill will interact with network endpoints (mcp.swiggy.com) and write order logs — the lack of declared config paths for any stored tokens or memory file is an omission worth questioning.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does instruct writing order logs to memory/swiggy-orders.json (persistence within the agent's storage), which is reasonable for an order history, but where that storage lives should be confirmed. No modification of other skills or system-wide settings is requested.
What to consider before installing
Do not install or enable this skill until the inconsistencies are resolved. Ask the publisher for the full source or a repository URL and verify that the claimed CLI binary (bin/swiggy) and any runtime code are present and reviewable. Confirm where OAuth tokens will be stored and what scopes mcporter requests, and verify that the agent cannot place orders without an explicit, programmatic confirmation step (the SKILL.md's manual '--confirm' requirement should be enforced by code, not just documentation). Also ask how USER.md addresses are sourced — the skill's instructions imply reading a user file which could leak personal address data. If you cannot review the actual CLI code and the OAuth/token storage, treat the package as incomplete or potentially malicious and do not grant it account access or enable autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.
