Skill v1.0.0
ClawScan security
Mealie Recipe Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 3:33 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it is a Node CLI for interacting with a self‑hosted Mealie API and only requests the Mealie URL and API token it needs.
- Guidance: This skill appears to do exactly what it says: a Node CLI that calls your Mealie instance using MEALIE_URL and MEALIE_API_TOKEN. Before installing: (1) confirm you trust the skill’s source since it will store/read a token in ~/.openclaw/.env or the skill .env; (2) prefer creating a limited-purpose API token in Mealie rather than using an admin token; (3) ensure MEALIE_URL uses HTTPS on a trusted host to avoid token exposure; (4) review the included script yourself if you are concerned (it is small and readable); and (5) avoid putting other secrets in the agent-level .env since the skill will read that file for MEALIE_* variables.
Review Dimensions
- Purpose & Capability: ok. The name/description (Mealie recipe manager client) matches the declared requirements (node, MEALIE_URL, MEALIE_API_TOKEN) and the included script implements the described API calls (recipes, lists, meal plans).
- Instruction Scope: ok. SKILL.md and the CLI commands are limited to calling the Mealie API. The script reads only MEALIE_URL and MEALIE_API_TOKEN (from environment or .env files) and makes HTTP(S) requests to the Mealie host; it does not reference other system paths or external endpoints.
- Install Mechanism: ok. No install spec or remote downloads are present; the skill is instruction + a local Node script. Nothing in the manifest pulls arbitrary code from external URLs.
- Credentials: ok. The skill requires only MEALIE_URL and MEALIE_API_TOKEN, which are precisely the credentials necessary for a Mealie client. The code explicitly loads only these two variables from skill-level and agent-level .env files.
- Persistence & Privilege: ok. "always" is false and the skill does not request elevated/system-wide privileges or modify other skills; it only reads its own/agent .env locations as documented.
