swiggy-track

SUSPICIOUS. The stated purpose is coherent and the commands are read-only, but the skill's real footprint depends on a non-official external CLI that appears to consume Swiggy session cookies. Because the binary provenance is not established in the skill and evidence points to a personal repo, this creates a high supply-chain and credential-handling risk disproportionate to a simple order-tracking helper.