Mealie Recipe Manager

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent Mealie API client, but it uses a Mealie API token and can change or delete recipes, shopping-list items, and meal plans when invoked.

This skill appears suitable for managing a self-hosted Mealie instance. Before installing, make sure the token is only for Mealie, use HTTPS where possible, and supervise any delete or edit requests because the skill can change data in your Mealie account.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked incorrectly, the agent could remove or modify data in the configured Mealie instance.

Why it was flagged

The CLI includes direct mutating and deleting Mealie API operations. This is aligned with a recipe manager client, but users should ensure deletions and account changes are intentional.

Skill content

case 'delete-recipe': ... await api('DELETE', `/recipes/${args[0]}`);

Recommendation

Use the skill for changes only when you have explicitly asked for them, and consider requiring confirmation before delete or bulk-edit requests.

What this means

Anyone or any agent action with access to this token can act against the configured Mealie account within the token's permissions.

Why it was flagged

The script authenticates to Mealie with a Bearer token from the environment. This is expected and disclosed for the API client, but it grants whatever access that token has.

Skill content

const API_TOKEN = process.env.MEALIE_API_TOKEN; ... 'Authorization': `Bearer ${API_TOKEN}`

Recommendation

Use a dedicated Mealie API token with the least privileges available, store it only in the intended .env file, prefer HTTPS for MEALIE_URL, and revoke the token if no longer needed.

What this means

You have less external context for verifying the author, history, or maintenance of code that will handle an API token.

Why it was flagged

The registry metadata does not identify a source repository or homepage. The included code is simple and no remote install is shown, but provenance is limited.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included script before installation and prefer skills with clear source provenance when handling credentials.