ordercli
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
orderclibinary from an external GitHub repository (github.com/steipete/ordercli) via the Go compiler or Homebrew. This repository is not associated with a verified or trusted vendor. - [CREDENTIALS_UNSAFE]: Several commands interact with sensitive local data, such as importing Google Chrome cookies and session tokens (
ordercli foodora cookies chrome) to facilitate authentication with food delivery platforms. - [COMMAND_EXECUTION]: The skill requires the execution of the
orderclibinary on the host system to perform all its core functions, including viewing order history and placing reorders.
Audit Metadata