ClawHub

KitchenOwl API

v1.1.0

Interact with KitchenOwl APIs (login, token handling, REST/GraphQL calls, and shopping-list read/update) through a reusable CLI script. Use when the user ask...

0· 304·0 current·0 all-time
by@pietro395

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for pietro395/kitchenowl-api.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "KitchenOwl API" (pietro395/kitchenowl-api) from ClawHub.
Skill page: https://clawhub.ai/pietro395/kitchenowl-api
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install kitchenowl-api

ClawHub CLI

Package manager switcher

npx clawhub@latest install kitchenowl-api
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, and the included shell script all align: the script implements login, token handling, REST/GraphQL requests, and probing endpoints for KitchenOwl. The environment variables the script uses (KITCHENOWL_URL/TOKEN/REFRESH_TOKEN) are appropriate for the described purpose.
Instruction Scope
SKILL.md instructs the agent to run the included script and documents expected env vars and flows (probe/login/request/graphql). The script only touches expected paths (creates ~/.config/kitchenowl-api/session.json and uses /tmp for probe output). Minor mismatch: registry metadata lists no required binaries, but SKILL.md and the script require curl and jq.
Install Mechanism
No install spec is present (instruction-only plus an included script), so nothing is downloaded or executed from external URLs during install. The included bash script is static and readable in the bundle.
Credentials
The only secrets involved are KitchenOwl tokens/credentials which are necessary for API operations; however, the registry metadata did not declare these env vars as required. The script saves tokens unencrypted to ~/.config/kitchenowl-api/session.json (documented in SKILL.md), which is functional but has privacy implications the user should consider.
Persistence & Privilege
always:false and the skill does not request system-wide changes or modify other skills. It persists its own session file under the user's home directory, which is expected behavior for a CLI session helper.
Assessment
This skill appears to do what it claims: a small bash CLI to talk to KitchenOwl instances. Before using it, confirm you trust the target KitchenOwl instance (the script will send your username/password and tokens to the base URL you provide). Note that it requires curl and jq (mentioned in SKILL.md but not declared in registry metadata). Sessions/tokens are stored unencrypted at ~/.config/kitchenowl-api/session.json — consider protecting that file (restrict permissions) or using short-lived tokens. If you want extra caution, review the script locally, run it manually rather than granting autonomous agent invocation, and point it only at trusted self-hosted or official cloud endpoints.

Like a lobster shell, security has layers — review code before you run it.

latestvk9716r75x54kzt09k35vpd2tah82g6me
304downloads
0stars
4versions
Updated 1mo ago
v1.1.0
MIT-0
@pietro395
latest
Download

KitchenOwl API

Use scripts/kitchenowl-api.sh for KitchenOwl operations without relying on the web UI.

Prerequisites

  • curl
  • jq

Quick configuration

Supported environment variables:

  • KITCHENOWL_URL (e.g. https://kitchenowl.example.com) [preferred]
  • KITCHENOWL_TOKEN (Bearer token; access token or long-lived token)
  • KITCHENOWL_REFRESH_TOKEN (optional)
  • KITCHENOWL_BASE_URL (legacy compatibility)

Main commands

# 1) Probe useful API endpoints
{baseDir}/scripts/kitchenowl-api.sh probe --base-url https://kitchenowl.example.com

# 2) Login (saves tokens in ~/.config/kitchenowl-api/session.json)
{baseDir}/scripts/kitchenowl-api.sh login \
  --base-url https://kitchenowl.example.com \
  --username USERNAME \
  --password 'PASSWORD' \
  --device openclaw

# 3) Generic authenticated REST call
{baseDir}/scripts/kitchenowl-api.sh request GET /api/user

# 4) REST call with JSON body
{baseDir}/scripts/kitchenowl-api.sh request POST /api/auth/llt \
  --json '{"device":"openclaw-llt"}'

# 5) GraphQL query (if available on the instance)
{baseDir}/scripts/kitchenowl-api.sh graphql \
  --query '{ __typename }'

Recommended flow for shopping-list tasks

  1. Run probe.
  2. Run login (if no valid token is available).
  3. Use request against shopping-list endpoints of the target instance.
  4. If endpoint paths are unknown, start from request GET /api and/or check instance docs.

Operational notes

  • Some instances use reverse proxies with broken redirects (example: /api -> http://localhost/api/).
  • In that case, force the correct --base-url or fix proxy settings server-side.
  • The script does not print plain-text passwords.
  • Tokens are stored locally only in ~/.config/kitchenowl-api/session.json.

Comments

Loading comments...