Pantry
v2.0.1Organize pantry stock, expiry dates, and shopping lists. Use when adding items, checking inventory, scheduling restocks, setting expiry reminders.
⭐ 0· 171·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (pantry inventory, expiry, shopping lists) match the provided CLI behavior. The script implements add/inventory/schedule/search/export/status/stats and stores data in ~/.local/share/pantry as the SKILL.md states.
Instruction Scope
SKILL.md instructs use of the local 'pantry' CLI and documents local data storage. The shipped script implements those commands and only reads/writes local files under the DATA_DIR and uses standard local utilities (grep, tail, du, etc.). There are no instructions to read unrelated system config or to transmit data externally.
Install Mechanism
No install spec is provided (instruction-only). A script file is included but nothing is downloaded from external URLs or installed automatically. Risk is low from an install-mechanism perspective.
Credentials
The skill requires no environment variables or credentials. It uses HOME to construct a local data directory (expected). No unrelated secrets or config paths are requested.
Persistence & Privilege
always is false and the skill does not request elevated privileges or modify other skills/config. It creates and writes files only under the user's data directory (~/.local/share/pantry).
Assessment
This skill appears to do exactly what it says: a local CLI that stores pantry data under ~/.local/share/pantry and has no network calls or credential requests in the provided files. Before installing, (1) inspect the full scripts/script.sh file locally (the listing provided here was truncated) to confirm there are no unexpected network calls or subprocess invocations later in the file; (2) run the script in a trusted environment or sandbox the first time to verify behavior; (3) check and restrict file permissions on ~/.local/share/pantry if you store sensitive notes; and (4) if you need absolute assurance, search the repository for any other files or build/install steps that might fetch remote code. Overall this looks coherent and proportionate, but verify the unshown portion of the script to raise confidence to high.Like a lobster shell, security has layers — review code before you run it.
latestvk970qf2gjc02nagz4q4zhqrc31835w1j
License
MIT-0
Free to use, modify, and redistribute. No attribution required.