Swiggy_T1
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill is purpose-aligned for Swiggy ordering, but users should notice that it can place real-world, non-cancellable cash-on-delivery (COD) orders, uses Swiggy OAuth/MCP services, logs order details, and its CLI packaging appears incomplete in the supplied files.
This appears to be a disclosed Swiggy integration rather than a malicious skill. Before installing, verify the missing CLI implementation from a trusted source, authenticate only through the expected Swiggy OAuth flow, and never approve an order until the cart, price, address, and cancellation limitations are correct.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user confirms, the agent may place a cash-on-delivery order or booking that cannot be undone through the skill.
The skill can place real-world food/grocery orders, but it also clearly requires explicit user confirmation before doing so and warns that orders are final.
Only after user says YES: - Run the order command with `--confirm` flag ... Orders **cannot be cancelled** once placed.
Only confirm after checking items, quantities, total price, delivery address, date/time, and cancellation limitations.
The integration may act through the user's Swiggy account after authentication.
The skill requires access to the user's Swiggy account through OAuth, which is expected for ordering but gives the integration account-level authority.
Swiggy MCP uses OAuth. First use will trigger auth flow. The `swiggy` CLI handles this via mcporter.
Authenticate only if you trust the Swiggy MCP flow and review any account permissions shown during OAuth.
The install instructions may not work as described, and any actual CLI implementation is not visible in the supplied review materials.
The package declares a CLI binary, and the README/SKILL.md tell users to run npm link, but the supplied manifest contains only package.json, README.md, and SKILL.md, so the referenced executable is absent from the reviewed artifacts.
"bin": { "swiggy": "./bin/swiggy" }
Before installing, verify the package contents include the expected bin/swiggy file from a trusted source and that it matches the documented behavior.
Your food/grocery history and delivery address may remain available to the agent or future tasks through its memory files.
The skill stores order history, address, totals, and order IDs in persistent memory, which is disclosed but sensitive.
After successful order, append to `memory/swiggy-orders.json`: ... "items": [...], "total": "₹560", "address": "HSR Layout", "orderId": "..."
Review or delete memory/swiggy-orders.json if you do not want order history retained, and avoid including more address detail than needed.
Searches, cart actions, booking details, address/location data, and account-authenticated requests may be sent to Swiggy MCP services.
The skill communicates with external MCP servers for food, grocery, and restaurant booking operations; the endpoints are disclosed and aligned with the purpose.
"mcpServers": { "swiggy-food": { "type": "http", "url": "https://mcp.swiggy.com/food" }, "swiggy-instamart": { "type": "http", "url": "https://mcp.swiggy.com/im" }, "swiggy-dineout": { "type": "http", "url": "https://mcp.swiggy.com/dineout" } }
Use the skill only for information you are comfortable sharing with Swiggy's MCP services and confirm the endpoints are legitimate before authenticating.
