Recipe to List

Turn recipes into a Todoist Shopping list. Extract ingredients from recipe photos (Gemini Flash vision) or recipe web pages (search + fetch), then compare against the existing Shopping project with conservative synonym/overlap rules, skip pantry staples (salt/pepper), and sum quantities when units match. Also saves each cooked recipe into the workspace cookbook (recipes/).

This skill appears to do what it claims (use Gemini to parse photos and add items to Todoist), but there are two things you should verify before installing or running it: 1) Inspect ~/.clawdbot/.env and the wrapper script. The wrapper will source ~/.clawdbot/.env (exporting any variables in that file) before running the Python script; SKILL.md does not mention this. If that file contains unrelated secrets (AWS keys, SSH_AGENT, other service tokens), those could be read/used. Remove sensitive data from that file or edit the wrapper to avoid sourcing it. 2) Audit the Python script for subprocess/network behavior. Search the script for usages of subprocess/urllib or any hard-coded endpoints to confirm only the Google Generative Language API, recipe web pages, and the Todoist CLI are contacted. Run the tool with --dry-run first and/or in an isolated environment (container or throwaway VM). Prefer providing only the minimal API tokens (scoped keys) needed for Gemini and Todoist. Additional safe steps: run python -m pip install in a virtualenv if needed, run the script with --dry-run and --no-save to confirm output, and review any 'todoist' CLI command invocations in the code to ensure they are constructed safely (avoid shell=True or unescaped user inputs). If you are not comfortable auditing the code, don't expose high-privilege credentials to it.

Type: OpenClaw Skill Name: recipe-to-list Version: 0.1.3 The skill is classified as suspicious due to its use of several high-risk capabilities, including sourcing environment variables from `~/.clawdbot/.env` (scripts/recipe-to-list.sh), executing external commands via `subprocess.run` (scripts/recipe_to_list.py for `todoist` CLI), and performing file system writes to create/update markdown files in the `recipes/` directory (scripts/recipe_to_list.py). While these actions are aligned with the stated purpose of interacting with Todoist and maintaining a local cookbook, the inherent risks associated with these capabilities, especially `subprocess` execution and arbitrary file writes, warrant a 'suspicious' classification under the given threshold, as they could be exploited if the skill's logic or inputs were compromised. There is no clear evidence of intentional malicious behavior like data exfiltration to unauthorized endpoints or persistence mechanisms.