🔍
12917 skills
← All skills
Tencent SkillHub · Developer Tools

Supermarket

Search grocery products, find store locations, add items to cart, and view profile across all Kroger-family stores — Kroger, Ralphs, Fred Meyer, Harris Teete...

skill openclawclawhub Free
0 Downloads
0 Stars
0 Installs
0 Score
High Signal

Search grocery products, find store locations, add items to cart, and view profile across all Kroger-family stores — Kroger, Ralphs, Fred Meyer, Harris Teete...

⬇ 0 downloads ★ 0 stars Unverified but indexed

Install for OpenClaw

Quick setup
  1. Download the package from Yavira.
  2. Extract the archive and review SKILL.md first.
  3. Import or place the package into your OpenClaw setup.

Requirements

Target platform
OpenClaw
Install method
Manual import
Extraction
Extract archive
Prerequisites
OpenClaw
Primary doc
SKILL.md

Package facts

Download mode
Yavira redirect
Package format
ZIP package
Source platform
Tencent SkillHub
What's included
CLAUDE.md, README.md, SKILL.md, _meta.json, cmd/krocli/main.go, firebase/firebase.json

Validation

  • Use the Yavira download entry.
  • Review SKILL.md after the package is downloaded.
  • Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

  1. Download the package from Yavira.
  2. Extract it into a folder your agent can access.
  3. Paste one of the prompts below and point your agent at the extracted folder.
New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source
Tencent SkillHub
Verification
Indexed source record
Version
1.1.0

Documentation

ClawHub primary doc Primary doc: SKILL.md 22 sections Open source page

Supermarket Skill

Search grocery products, find stores, add to cart, and view your profile across all Kroger-family stores (Kroger, Ralphs, Fred Meyer, Harris Teeter, King Soopers, Fry's, QFC, Mariano's, Pick 'n Save, and more) — all through the Kroger API via a hosted OAuth proxy. No API keys or developer accounts needed.

How This Works (Transparency)

This skill uses a hosted OAuth proxy at us-central1-krocli.cloudfunctions.net to handle Kroger API authentication. Here's what it does and doesn't do: What the proxy handles: Stores the Kroger client_id/client_secret (as Firebase secrets — never exposed to the agent) Exchanges authorization codes for tokens during login Refreshes expired user tokens Privacy guarantees (verifiable in source): User tokens are deleted from Firestore immediately after being returned to the agent (tokenUser.ts:44) Login sessions expire after 5 minutes (callback.ts:10) Firestore rules deny all direct client access — only server-side Cloud Functions can read/write No tokens are logged — only errors use console.error The proxy never sees your Kroger username or password (that goes directly to Kroger's OAuth page) Full source code: The proxy is open source at firebase/functions/src/ in the krocli repository. You can audit every function: authorize.ts, callback.ts, tokenClient.ts, tokenUser.ts, tokenRefresh.ts. If you don't trust the hosted proxy, see "Self-Hosting" at the bottom of this document.

Architecture

All API calls go through the hosted proxy which handles OAuth credentials. The agent never needs a client_id or client_secret. Two token types: Client token — for public data (products, locations). Obtained automatically. User token — for personal data (cart, profile). Requires one-time browser login.

Getting a Client Token

Before searching products or locations, obtain a client token: curl -s -X POST https://us-central1-krocli.cloudfunctions.net/tokenClient Response: {"access_token": "eyJ...", "expires_in": 1800, "token_type": "bearer"} Cache the access_token for subsequent requests. It expires in 30 minutes.

Searching Products

curl -s -H "Authorization: Bearer ACCESS_TOKEN" \ -H "Accept: application/json" \ "https://api.kroger.com/v1/products?filter.term=milk&filter.limit=10" Query parameters: ParameterRequiredDescriptionfilter.termYesSearch term (e.g. "milk", "organic eggs")filter.locationIdNoStore ID for local pricing/availabilityfilter.limitNoMax results (default 10, max 50) Response fields to show the user: data[].productId — UPC code data[].description — Product name data[].brand — Brand name data[].items[].price.regular — Price (when locationId provided) data[].items[].price.promo — Sale price (when available) data[].items[].size — Package size

Finding Store Locations

curl -s -H "Authorization: Bearer ACCESS_TOKEN" \ -H "Accept: application/json" \ "https://api.kroger.com/v1/locations?filter.zipCode.near=45202&filter.limit=5" Query parameters: ParameterRequiredDescriptionfilter.zipCode.nearYesZIP code to search nearfilter.radiusInMilesNoSearch radius (default 10)filter.limitNoMax results (default 10) Response fields to show the user: data[].locationId — Store ID (use for product pricing) data[].name — Store name data[].address.addressLine1, city, state, zipCode data[].phone — Phone number data[].hours — Operating hours

User Authentication (for Cart & Profile)

When the user wants to add items to their cart or view their profile, they need to authenticate with Kroger. This is a one-time browser flow.

Step 1: Generate a session ID and send the login link

Generate a random hex session ID (16-32 characters) and present the login URL to the user as a clickable link: https://us-central1-krocli.cloudfunctions.net/authorize?session_id=SESSION_ID Tell the user: "Click this link to log in to your Kroger account. Once you see 'Login successful', come back here and let me know."

Step 2: Poll for tokens

After the user says they've logged in, poll for their tokens: curl -s "https://us-central1-krocli.cloudfunctions.net/tokenUser?session_id=SESSION_ID" If {"status": "pending"} with HTTP 202: user hasn't finished yet. Wait and retry. If HTTP 200: tokens are returned. Cache access_token and refresh_token. { "access_token": "eyJ...", "refresh_token": "abc...", "expires_in": 1800, "token_type": "bearer" }

Step 3: Use the user token

The user token is needed for cart and profile endpoints.

Adding to Cart

Requires user token from authentication above. curl -s -X PUT \ -H "Authorization: Bearer USER_ACCESS_TOKEN" \ -H "Content-Type: application/json" \ -H "Accept: application/json" \ "https://api.kroger.com/v1/cart/add" \ -d '{"items": [{"upc": "0011110838049", "quantity": 1}]}' Request body: { "items": [ {"upc": "PRODUCT_ID", "quantity": 1} ] } HTTP 204 means success (no response body).

Viewing Profile

Requires user token. curl -s -H "Authorization: Bearer USER_ACCESS_TOKEN" \ -H "Accept: application/json" \ "https://api.kroger.com/v1/identity/profile"

Refreshing an Expired User Token

If a user token returns 401, refresh it: curl -s -X POST \ -H "Content-Type: application/json" \ "https://us-central1-krocli.cloudfunctions.net/tokenRefresh" \ -d '{"refresh_token": "REFRESH_TOKEN"}' Response includes new access_token and refresh_token. Cache both.

Token Management Summary

TokenHow to getExpiresRefreshClientPOST /tokenClient30 minJust request a new oneUserBrowser login flow30 minPOST /tokenRefresh with refresh_token

Error Handling

HTTP StatusMeaningAction401Token expiredRefresh or re-obtain token403ForbiddenToken lacks required scope429Rate limitedWait and retry400Bad requestCheck parameters

"Search for milk near me"

Get client token via POST /tokenClient Ask user for ZIP code (or use a previously known one) Find nearest store via locations API Search products with filter.locationId for local pricing

"Add bananas to my Kroger cart"

Check if user token is cached; if not, start login flow Search for "bananas" to get the UPC Confirm product with user PUT /cart/add with the UPC

"What Kroger stores are near 90210?"

Get client token Search locations with filter.zipCode.near=90210 Format results with name, address, hours

Token Persistence

After a successful user login, save the refresh token and preferred ZIP code to your long-term memory so the user doesn't have to log in again next session. After login, remember: kroger_refresh_token: the refresh_token from the login flow kroger_zip_code: the user's preferred ZIP code (if provided) kroger_store_id: the user's preferred store locationId (if identified) At the start of a session, check your memory for a saved kroger_refresh_token. If found: Call POST /tokenRefresh with the saved refresh_token If it succeeds, use the new access_token — no login needed If it fails (e.g. token revoked), clear the saved token and start a fresh login flow Important: Only save the refresh_token, never the access_token (it expires in 30 minutes and is useless to persist).

Self-Hosting the Proxy

If you prefer not to use the hosted proxy, you can run your own. The full source is in the krocli repo under firebase/.

Option 1: Deploy your own Firebase proxy

Create a Kroger developer app at developer.kroger.com Scopes: product.compact, cart.basic:write, profile.compact Redirect URI: https://YOUR-PROJECT.cloudfunctions.net/callback Clone the repo and set up Firebase: git clone https://github.com/BLANXLAIT/krocli.git cd krocli/firebase firebase init firebase functions:secrets:set KROGER_CLIENT_ID firebase functions:secrets:set KROGER_CLIENT_SECRET Update CALLBACK_URL in callback.ts and authorize.ts to point to your project Deploy: firebase deploy --only functions,firestore:rules Replace all us-central1-krocli.cloudfunctions.net URLs in this skill with your own project URL

Option 2: Use the krocli CLI directly (no proxy at all)

If you have Go installed, you can skip the proxy entirely: go install github.com/blanxlait/krocli/cmd/krocli@latest krocli auth credentials set /path/to/your/kroger-creds.json krocli products search --term "milk" krocli auth login # browser OAuth, tokens stored in OS keyring krocli cart add --upc 0011110838049 In this mode, all API calls go directly to api.kroger.com using your own credentials. No proxy involved. Tokens are stored locally in your OS keyring.

Category context

Code helpers, APIs, CLIs, browser automation, testing, and developer operations.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package
3 Docs2 Config1 Files
  • SKILL.md Primary doc
  • CLAUDE.md Docs
  • README.md Docs
  • _meta.json Config
  • firebase/firebase.json Config
  • cmd/krocli/main.go Files

Related skills

readyClaw Free
Featured

API Architect

Design contracts before code

Designs contracts before implementation and treats REST, GraphQL, and gRPC as tools rather than dogma.

Developer Tools agent claude
souls.zip $149
Featured

The Dev Team

A four-agent engineering squad for shipping products

Four-agent engineering team spanning CTO, frontend, backend, and design roles, built to mirror the stack behind souls.zip.

Developer Tools team openclaw
readyClaw Free
Featured

Web Platform Engineer

Build for the open web with strong fundamentals

A web engineering agent grounded in HTML semantics, CSS layout systems, and browser-native resilience.

Developer Tools agent claude