Knuspr

ReviewAudited by ClawScan on May 10, 2026.

Overview

This is a coherent Knuspr grocery-shopping CLI, but it needs your Knuspr account access and can change carts, lists, favorites, and delivery reservations.

Install only if you are comfortable letting the agent use your Knuspr login to view order/account data and manage carts, lists, favorites, and delivery slots. Do not let it check out; review prices, totals, and reservations yourself in Knuspr before purchasing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium

#ASI02: Tool Misuse and Exploitation

What this means

The agent may add items, repeat orders into a cart, or reserve delivery slots if asked, which can affect your Knuspr account even though it should not complete payment.

Why it was flagged

The skill is designed to mutate an authenticated grocery account by building carts and reserving slots, but it also documents guardrails against checkout and destructive actions.

Skill content

NEVER complete a purchase — Only build cart + reserve slot. ... Confirm before destructive actions (cart clear, list delete, slot release).

Recommendation

Review cart contents, totals, and delivery slots before relying on them; require explicit confirmation for bulk cart changes or slot reservations.

Medium

#ASI03: Identity and Privilege Abuse

What this means

Anyone with access to the local session file may be able to use the stored Knuspr session, and the agent can view account/order data while logged in.

Why it was flagged

The CLI stores authenticated Knuspr session cookies locally so it can act as the logged-in user.

Skill content

SESSION_FILE = Path.home() / ".knuspr_session.json" ... "cookies": self.cookies ... json.dump(session_data, f)

Recommendation

Use interactive login where possible, protect your home directory, avoid sharing the session file, and run `auth logout` when you no longer want the CLI to retain access.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

Provider changes could break commands or cause unexpected failures, and this is not an officially supported Knuspr integration.

Why it was flagged

The project discloses that it is unofficial and uses non-official Knuspr interfaces, which is relevant provenance and reliability context.

Skill content

Dies ist ein privates Hobby-Projekt und steht in keiner Verbindung zu Knuspr/Rohlik. Die CLI nutzt keine offizielle API

Recommendation

Treat updates cautiously, prefer the reviewed bundled version, and verify important cart or slot actions in the Knuspr website/app.