peristyle-grocery-cart
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill interacts with a backend API to search recipes and manage grocery carts. All network operations are directed towards the user-configured API endpoint (defaulting to localhost) for the purpose of shopping integration.
- [SAFE]: User session management is handled by storing an API key in the standard local configuration path (
~/.config/peristyle-grocery-cart/api-key). This facilitates persistent access to the Kroger service without requiring repeated manual authentication. - [SAFE]: Robust guardrails are implemented to ensure the agent never places an order or takes payment directly. Every item addition to the cart requires explicit user confirmation of the product, brand, size, and price, which mitigates potential risks from malformed or malicious recipe data processed by the tool.
Audit Metadata