Pantry
PassAudited by ClawScan on May 1, 2026.
Overview
Pantry appears to be a local pantry logging and export tool with no evident network or credential use, but it keeps persistent local logs that users should understand.
This looks safe for normal pantry tracking if you are comfortable with entries being saved under ~/.local/share/pantry/. Before installing, confirm how the pantry command is provided and avoid sharing exports unless you have reviewed their contents.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may need to verify how the pantry command is installed and whether it corresponds to the included script.
The skill documentation uses a pantry CLI, but the registry metadata does not declare an install mechanism or required binary even though a shell script is included.
No install spec — this is an instruction-only skill. Code file presence: 1 code file(s): scripts/script.sh (11039 bytes)
Install only from the declared source and confirm the CLI being run is the reviewed Pantry script.
Anyone with access to the local account or exported files may be able to view the pantry history and entries.
The skill intentionally keeps persistent local records and can export them, so user-entered pantry, cost, reminder, or shopping-list details may remain available across sessions.
All data is stored locally at `~/.local/share/pantry/`. Each action is logged with timestamps. Use `export` to back up your data anytime.
Avoid storing sensitive personal information in pantry entries, protect the local data directory, and review exported files before sharing them.