Tandoor Recipe CLI

Name: Tandoor Recipe CLI
Author: dcenatiempo

Description

Manage recipes, meal plans, and shopping lists on a Tandoor Recipe Manager instance via CLI.

README (SKILL.md)

Tandoor CLI Skill

This skill provides AI agents with the ability to interact with a Tandoor Recipe Manager instance using the tandoor-cli command-line tool.

Prerequisites

The tandoor-cli tool must be installed and configured.

Version Compatibility: This skill documentation corresponds to the version specified in the metadata above. Before using this skill:

Verify your installed CLI version: tandoor -V
Ensure the installed version matches the skill version to avoid unexpected behavior or missing commands
If versions don't match, reinstall the CLI tool following the setup instructions in references/SETUP.md

If tandoor -V produces no valid version, see the setup instructions in references/SETUP.md.

Security & Permission Model

⚠️ IMPORTANT: This skill provides mutation authority over your Tandoor instance.

Read operations (list, search, get, random) are safe and require no confirmation
Write operations (add, update, import) modify data but are typically reversible
Destructive operations (delete, clear, household management) require explicit user approval before execution
Bulk operations (shopping check --all, clear) affect multiple items and require confirmation
Administrative operations (household management, user assignment, invite creation) require privileged credentials and explicit approval

Token Security:

Use the least-privileged token possible for your use case
Prefer read-only tokens if you only need to query recipes
Avoid using space-owner or admin tokens unless household management is required
Consider short-lived tokens (days/weeks) instead of long-lived tokens (years)
Store tokens securely and rotate them regularly
Revoke tokens immediately if compromised or no longer needed

Supply Chain:

This skill uses the tandoor-cli npm package
Verify the package source before first use: https://www.npmjs.com/package/tandoor-cli
Review the package repository: https://github.com/dcenatiempo/tandoor-cli
Recommended: Pin to the specific version matching this skill (see version in metadata above) to avoid unexpected updates
Install pinned version: npm install -g tandoor-cli@\x3Cversion> (replace \x3Cversion> with the skill version)

Invocation

tandoor \x3Ccommand> [options]

Commands

Read Operations (Safe)

Recipes:

Command	Description
`list [--limit N]`	List recipes (default 20, max 100)
`search \x3Cquery>`	Search recipes by keyword
`get \x3Cid>`	Get full recipe details
`random`	Get a random recipe

Meal Plans:

Command	Description
`mealplan list [--startdate DATE] [--enddate DATE]`	List meal plan entries (optionally filtered by date range)

Shopping List:

Command	Description
`shopping list`	List shopping list entries

Food Ingredients:

Command	Description
`food list [--limit N] [--search TERM] [--ignored]`	List food ingredients

Households & Users:

Command	Description
`household list`	List all households
`household get \x3Cid>`	Get household details by ID
`household users list`	List all users in the space
`household users memberships`	List user-space memberships
`household invite list`	List all invite links

Write Operations (Require Confirmation)

Command	Description	Approval Required
`add [--json file]`	Create a recipe	✓ Before execution
`update \x3Cid> --json file`	Patch an existing recipe	✓ Before execution
`import \x3Curl> [--dry-run]`	Import a recipe from a URL	✓ Before execution
`image \x3CrecipeId> \x3CimagePath>`	Upload an image to a recipe	✓ Before execution
`mealplan add --recipe ID --date YYYY-MM-DD --meal-type N`	Add a meal plan entry	✓ Before execution
`shopping add --food NAME --amount N --unit UNIT`	Add a shopping list item	✓ Before execution
`shopping check \x3Cid>`	Mark a shopping item as checked	✓ Before execution
`food edit \x3Cid\|name> --ignore-shopping \x3Ctrue\|false>`	Edit a food's ignore_shopping flag	✓ Before execution
`food ignore \x3Cid\|name> [--unset]`	Set or clear ignore_shopping by ID or name	✓ Before execution
`food onhand \x3Cid\|name> [--unset]`	Set or clear the on-hand flag by ID or name	✓ Before execution

Destructive Operations (Require Explicit Confirmation)

Command	Description	Approval Required
`delete \x3Cid> [--force]`	Delete a recipe	✓✓ Explicit confirmation required
`mealplan delete \x3Cid>`	Delete a meal plan entry	✓✓ Explicit confirmation required
`shopping clear [--force]`	Clear all checked items	✓✓ Explicit confirmation (bulk operation)
`shopping check --all`	Mark all items as checked	✓✓ Explicit confirmation (bulk operation)

Administrative Operations (Require Privileged Token + Explicit Confirmation)

Important: Tandoor uses households to organize users and recipes. Users are added to households via invite links — you cannot create users directly via the API.

Permission Requirements: Household management commands require special permissions in Tandoor. Most operations need admin/staff privileges. The household invite create command specifically requires space owner authentication — even superusers or staff members will receive a 403 Permission Denied error if they're not the space owner. If you encounter permission errors, you must use the space owner's API token or contact your Tandoor administrator.

Command	Description	Approval Required
`household add \x3Cname>`	Create a new household	✓✓ Admin token + explicit confirmation
`household edit \x3Cid> --name \x3Cname>`	Rename a household	✓✓ Admin token + explicit confirmation
`household delete \x3Cid> [--force]`	Delete a household	✓✓ Admin token + explicit confirmation
`household users assign \x3Cuser-space-id> \x3Chousehold-id>`	Assign user to household	✓✓ Admin token + explicit confirmation
`household invite create \x3Chousehold-id> [--email EMAIL] [--expires DATE] [--group-id ID]`	Create invite link	✓✓ Space-owner token + explicit confirmation
`household invite delete \x3Cid> [--force]`	Delete invite link	✓✓ Admin token + explicit confirmation

All read commands accept --json for machine-readable output suitable for agent pipelines.

Agent Behavior Rules

Before executing any command, the agent MUST:

For read operations: Proceed without confirmation
For write operations: Describe the action and wait for user approval
For destructive operations:
- Clearly explain what will be deleted/modified
- Warn that the action cannot be easily reversed
- Wait for explicit user confirmation (e.g., "yes, delete recipe 42")
For bulk operations:
- State how many items will be affected
- Wait for explicit confirmation
For administrative operations:
- Verify the user has provided an admin/space-owner token
- Explain the scope of the change (e.g., "this will move user X to household Y")
- Wait for explicit confirmation

The agent MUST NOT:

Execute delete, force, bulk, household, invite, or user-assignment commands without explicit user approval
Assume the user wants destructive actions even if implied by context
Use --force flags without explicit user instruction
Log or display the TANDOOR_API_TOKEN value in any output

Configuration

The CLI supports three configuration methods (in precedence order):

Environment variables — TANDOOR_URL and TANDOOR_API_TOKEN in the current shell
Config file — ~/.config/tandoor-cli/config.json (created by tandoor configure)
.env file — a .env file in the current working directory

Run tandoor configure once to save credentials interactively.

Examples

Configure credentials:

tandoor configure

Read example — list recipes as JSON:

tandoor list --limit 5 --json

Write example — create a recipe from a JSON file:

# Agent should first ask: "I will create a new recipe from recipe.json. Proceed?"
# Only after user confirms:
tandoor add --json recipe.json

Destructive example — delete a recipe:

# Agent should first ask: "This will permanently delete recipe 42. This cannot be undone. Confirm deletion?"
# Only after explicit user confirmation:
tandoor delete 42 --force

Image example — upload an image to a recipe:

# Agent should first ask: "I will upload my-recipe-photo.jpg to recipe 42. Proceed?"
# Only after user confirms:
tandoor image 42 ./my-recipe-photo.jpg

Household example — create a household and generate an invite link:

# Agent should first ask: "I will create a new household named 'My Family'. This requires admin privileges. Proceed?"
# Only after user confirms:
tandoor household add "My Family"

# Agent should first ask: "I will create an invite link for household 1. This requires space-owner token. Proceed?"
# Only after user confirms:
tandoor household invite create 1 --email [email protected] --expires 2026-12-31

Shopping list example — add items and check them off:

# Agent should first ask: "I will add flour (500g) to the shopping list. Proceed?"
# Only after user confirms:
tandoor shopping add --food flour --amount 500 --unit g

# Agent should first ask: "This will mark ALL shopping items as checked. Confirm?"
# Only after explicit confirmation:
tandoor shopping check --all

Installation & Setup

Before first use:

Verify the npm package: https://www.npmjs.com/package/tandoor-cli
Review the source code: https://github.com/dcenatiempo/tandoor-cli
Recommended: Install the pinned version matching this skill: npm install -g tandoor-cli@\x3Cversion> (see version in metadata above)
Generate a token with minimal required permissions (see SECURITY.md)
Consider using a test Tandoor instance first

Reference

See references/SETUP.md for detailed setup documentation including authentication configuration
See SECURITY.md for comprehensive security guidelines and token management best practices

Usage Guidance

Install only if you want an agent to operate your Tandoor instance. Start with a read-only, short-lived token; grant write or admin tokens only for specific tasks; verify and pin the npm package version before use; and require explicit approval for delete, bulk, or household-management commands.

Capability Analysis

Type: OpenClaw Skill Name: tandoor-cli Version: 1.0.2 The tandoor-cli skill bundle provides a command-line interface for managing Tandoor Recipe Manager instances. It demonstrates a high level of security maturity, featuring comprehensive documentation (SECURITY.md and SECURITY_REVIEW_RESPONSE.md) that addresses potential risks like tool misuse and over-privileged tokens. The SKILL.md file includes explicit instructions for the AI agent to seek user confirmation before executing any write, destructive, or administrative operations, effectively hardening the agent against accidental or malicious misuse. No evidence of data exfiltration, obfuscation, or unauthorized execution was found.

Capability Tags

requires-oauth-tokenrequires-sensitive-credentials

Capability Assessment

⚠ Purpose & Capability

Recipe, meal-plan, and shopping-list management matches the stated purpose, but the skill also exposes household/user administration and invite creation, which is broader and higher impact than the short description.

ℹ Instruction Scope

The skill documents approval gates for write, destructive, bulk, and administrative commands, which is appropriate, but users should notice that the agent is being given real mutation authority.

⚠ Install Mechanism

The reviewed artifacts contain no CLI code and direct users to install or run an external npm package; setup examples are unpinned while the security document claims a pinned version.

⚠ Credentials

Using the skill requires Tandoor authentication and can involve admin or space-owner tokens for household operations, which is high-privilege access.

ℹ Persistence & Privilege

Credential storage in environment variables, .env files, or ~/.config/tandoor-cli/config.json is disclosed, and the docs recommend restricted permissions and short-lived tokens.

Version History

v1.0.2

- Added recommendation to pin the installed `tandoor-cli` version to match the skill version for improved stability. - Included installation instruction for specific CLI versions using `npm install -g tandoor-cli@<version>`. - No changes to commands or overall functionality; documentation improvement only.

v1.0.1

- Added SECURITY.md and SECURITY_REVIEW_RESPONSE.md to document security practices and review process. - Expanded and clarified security, permission, and agent behavior requirements in the documentation. - Improved version compatibility guidance to ensure consistency between CLI and skill versions. - Documented the distinction between read, write, destructive, and admin operations, specifying the level of user confirmation required for each. - Enhanced recommendations for secure token usage and safe operation.

v0.3.1

- Initial release of tandoor-recipe-cli skill (version 0.3.1). - Provides CLI access to Tandoor Recipe Manager for managing recipes, meal plans, shopping lists, households, users, and food ingredients. - Supports configuration via environment variables, config file, or .env file. - Includes commands for listing, searching, creating, updating, and deleting various Tandoor objects. - Enhanced permission guidance and sample usage provided in documentation.

Metadata

Slug tandoor-cli

Version 1.0.2

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is Tandoor Recipe CLI?

Manage recipes, meal plans, and shopping lists on a Tandoor Recipe Manager instance via CLI. It is an AI Agent Skill for Claude Code / OpenClaw, with 27 downloads so far.

How do I install Tandoor Recipe CLI?

Run "/install tandoor-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Tandoor Recipe CLI free?

Yes, Tandoor Recipe CLI is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Tandoor Recipe CLI support?

Tandoor Recipe CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Tandoor Recipe CLI?

It is built and maintained by Devin Cenatiempo (@dcenatiempo); the current version is v1.0.2.

More Skills