ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Food402 - TGO Yemek

v1.0.0

Order food from TGO Yemek (Trendyol GO), Turkey's leading food delivery service. Use when user wants to order food delivery in Turkey, browse restaurants, search for foods, manage delivery addresses, check order history, or checkout with 3D Secure payment.

0· 1.7k·1 current·1 all-time
by@rersozlu

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for rersozlu/food402.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Food402 - TGO Yemek" (rersozlu/food402) from ClawHub.
Skill page: https://clawhub.ai/rersozlu/food402
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: TGO_EMAIL, TGO_PASSWORD, GOOGLE_PLACES_API_KEY
Required binaries: curl, jq, openssl
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install rersozlu/food402

ClawHub CLI

Package manager switcher

npx clawhub@latest install food402
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and included scripts implement a Trendyol GO (TGO Yemek) ordering flow (auth, address management, cart, payment). Requiring TGO_EMAIL and TGO_PASSWORD is consistent with needing to authenticate to the service. GOOGLE_PLACES_API_KEY is plausible for optional Google Reviews functionality, but see environment_proportionality note below.
Instruction Scope
SKILL.md and the scripts instruct only to call TGO endpoints (tgoyemek.com, api.tgoapis.com, payment.tgoapps.com), manage addresses/cart, and open 3D Secure HTML in the system browser. The workflows and required step ordering are explicit; the skill does not instruct reading unrelated system files or exfiltrating arbitrary data.
Install Mechanism
No install spec (instruction-only with bundled scripts) — low risk from installation. All code is included in the skill bundle; there are no network downloads or archive extraction steps in the install phase.
Credentials
TGO_EMAIL and TGO_PASSWORD are needed to perform login — proportionate but high-sensitivity. The metadata declares GOOGLE_PLACES_API_KEY as required, yet SKILL.md calls it optional for Google Reviews; this mismatch should be resolved. Required binaries list includes openssl (not used by scripts) and jq (used only in example CLI pipes), so the declared binaries are slightly broader than what the scripts themselves use.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide config. It caches the received auth token in /tmp (TOKEN_FILE and EXPIRY_FILE) and writes a temporary HTML file for 3D Secure which it attempts to delete after 5 minutes — these are expected behaviors for this use case but involve local storage of sensitive tokens.
Assessment
This skill appears to do what it claims (log in to Trendyol GO, browse, add to cart, and handle 3D Secure). Before installing: 1) Only install if you trust the source — the skill requires your Trendyol email and password (sensitive). Consider using an account you can revoke or rotate. 2) Store env vars securely (avoid committing them); the skill caches the service token in /tmp where other local users could possibly read it. 3) The metadata lists GOOGLE_PLACES_API_KEY as required but SKILL.md marks it optional — you can likely omit it unless you need Google review lookups. 4) The declared required binaries include openssl though the scripts do not use it; this is likely harmless but odd. 5) If you have concerns, inspect the scripts yourself (they are included) or run them in an isolated environment first. If you want me to, I can point out exact lines to review or suggest safer deployment patterns (e.g., ephemeral credentials, stricter temp-file permissions).

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🍕 Clawdis
Binscurl, jq, openssl
EnvTGO_EMAIL, TGO_PASSWORD, GOOGLE_PLACES_API_KEY
Primary envTGO_EMAIL
latestvk97cmnxcm6fw9v5rf5930as2z180fx7m
1.7kdownloads
0stars
1versions
Updated 23h ago
v1.0.0
MIT-0
@rersozlu
latest
Download

Food402 - TGO Yemek Food Delivery

Order food from Trendyol GO (TGO Yemek), Turkey's leading food delivery service. This skill enables complete food ordering: browse restaurants, view menus, customize items, manage cart, and checkout with 3D Secure payment.

Setup

OpenClaw

Add the following to your ~/.openclaw/openclaw.json:

{
  "skills": {
    "entries": {
      "food402": {
        "enabled": true,
        "env": {
          "TGO_EMAIL": "your-tgo-email@example.com",
          "TGO_PASSWORD": "your-tgo-password",
          "GOOGLE_PLACES_API_KEY": "your-google-api-key"
        }
      }
    }
  }
}

Claude Code / Cursor / Codex / Gemini CLI

Set environment variables in your shell profile (~/.bashrc, ~/.zshrc, etc.):

export TGO_EMAIL="your-tgo-email@example.com"
export TGO_PASSWORD="your-tgo-password"
export GOOGLE_PLACES_API_KEY="your-google-api-key"  # Optional: for Google Reviews

Then reload your shell or run source ~/.zshrc (or equivalent).

Authentication

The skill automatically handles authentication. When making API calls:

  1. Run {baseDir}/scripts/auth.sh get-token to get a valid JWT
  2. The script caches tokens in /tmp/food402-token with automatic refresh (60s buffer before expiry)
  3. If any API call returns 401, clear the token with {baseDir}/scripts/auth.sh clear-token and retry

Manual authentication check:

{baseDir}/scripts/auth.sh check-token

Required Workflow

IMPORTANT: You MUST follow this order:

  1. select_address - REQUIRED first step (sets delivery location for cart)
  2. get_restaurants or search_restaurants - Browse/search restaurants
  3. get_restaurant_menu - View a restaurant's menu
  4. get_product_details - Check customization options (if needed)
  5. add_to_basket - Add items to cart
  6. checkout_ready - Verify cart is ready for payment
  7. place_order - Complete the order with 3D Secure

If add_to_basket fails, try clear_basket first then retry.

Address Management Operations

get_addresses

Get user's saved delivery addresses. Call this first to show available addresses.

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-user-apimemberaddress-santral/addresses" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response fields: id, addressName, addressLine, neighborhoodName, districtName, cityName, latitude, longitude

select_address

MUST be called before browsing restaurants or adding to basket. Sets the shipping address for the cart.

Parameters:

  • addressId (required): Address ID from get_addresses
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X POST "https://api.tgoapis.com/web-checkout-apicheckout-santral/shipping" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{"shippingAddressId": {addressId}, "invoiceAddressId": {addressId}}'

add_address

Add a new delivery address. Use get_cities → get_districts → get_neighborhoods to find location IDs first.

Parameters:

  • name (required): First name
  • surname (required): Last name
  • phone (required): Phone without country code (e.g., "5356437070")
  • addressName (required): Label (e.g., "Home", "Work")
  • addressLine (required): Street address
  • cityId (required): From get_cities
  • districtId (required): From get_districts
  • neighborhoodId (required): From get_neighborhoods
  • latitude (required): Coordinate string
  • longitude (required): Coordinate string
  • apartmentNumber, floor, doorNumber, addressDescription (optional)
  • elevatorAvailable (optional): boolean
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X POST "https://api.tgoapis.com/web-user-apimemberaddress-santral/addresses" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{
    "name": "{name}",
    "surname": "{surname}",
    "phone": "{phone}",
    "addressName": "{addressName}",
    "addressLine": "{addressLine}",
    "cityId": {cityId},
    "districtId": {districtId},
    "neighborhoodId": {neighborhoodId},
    "latitude": "{latitude}",
    "longitude": "{longitude}",
    "countryCode": "TR",
    "elevatorAvailable": false
  }' | jq

Note: If response is 429, OTP verification is required. Direct user to add the address at tgoyemek.com instead.

get_cities

Get list of all cities for address selection.

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-user-apimemberaddress-santral/cities" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq '.cities[] | {id, name}'

get_districts

Get districts for a city.

Parameters:

  • cityId (required): City ID from get_cities
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-user-apimemberaddress-santral/cities/{cityId}/districts" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq '.districts[] | {id, name}'

get_neighborhoods

Get neighborhoods for a district.

Parameters:

  • districtId (required): District ID from get_districts
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-user-apimemberaddress-santral/districts/{districtId}/neighborhoods" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq '.neighborhoods[] | {id, name}'

Restaurant Discovery Operations

get_restaurants

List restaurants near the selected address. Requires select_address first.

Parameters:

  • latitude (required): From selected address
  • longitude (required): From selected address
  • page (optional): Page number, default 1
  • sortBy (optional): RECOMMENDED (default), RESTAURANT_SCORE, or RESTAURANT_DISTANCE
  • minBasketPrice (optional): Pass 400 to filter min order >= 400 TL

Sorting keywords (Turkish & English):

  • "önerilen" / "recommended" / "popüler" → RECOMMENDED
  • "en yakın" / "closest" / "yakınımdaki" → RESTAURANT_DISTANCE
  • "en iyi" / "best rated" / "en yüksek puanlı" → RESTAURANT_SCORE
  • "en ucuz" / "cheapest" → Use search_restaurants instead (returns product prices)
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-discovery-apidiscovery-santral/restaurants/filters?openRestaurants=true&latitude={latitude}&longitude={longitude}&pageSize=50&page={page}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Add &sortType=RESTAURANT_SCORE or &sortType=RESTAURANT_DISTANCE for sorting (omit for RECOMMENDED).

Response fields: id, name, kitchen, rating, ratingText, minBasketPrice, averageDeliveryInterval, distance, neighborhoodName, isClosed, campaignText

search_restaurants

Search restaurants and products by keyword. Results include product prices (useful for "cheapest" queries).

IMPORTANT: Always check isClosed field. Never suggest closed restaurants.

Parameters:

  • searchQuery (required): Search keyword (e.g., "pizza", "burger", "dürüm")
  • latitude (required): From selected address
  • longitude (required): From selected address
  • page (optional): Page number, default 1
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-restaurant-apirestaurant-santral/restaurants/in/search?searchQuery={searchQuery}&latitude={latitude}&longitude={longitude}&pageSize=50&page={page}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response includes: Restaurant info plus products[] array with id, name, description, price

Menu & Product Operations

get_restaurant_menu

Get a restaurant's full menu with categories and items.

Parameters:

  • restaurantId (required): Restaurant ID
  • latitude (required): Coordinate
  • longitude (required): Coordinate
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-restaurant-apirestaurant-santral/restaurants/{restaurantId}?latitude={latitude}&longitude={longitude}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response structure:

  • info: Restaurant details (id, name, rating, workingHours, deliveryTime, minOrderPrice)
  • categories[]: Menu sections with items[] (id, name, description, price, likePercentage)

get_product_details

Get product customization options (ingredients to exclude, modifier groups for extras/sizes).

Parameters:

  • restaurantId (required): Restaurant ID
  • productId (required): Product ID from menu
  • latitude (required): Coordinate
  • longitude (required): Coordinate
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X POST "https://api.tgoapis.com/web-restaurant-apirestaurant-santral/restaurants/{restaurantId}/products/{productId}?latitude={latitude}&longitude={longitude}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{}' | jq

Response includes components[]:

  • type: INGREDIENTS (items to exclude) or MODIFIER_GROUP (extras/sizes to select)
  • modifierGroupId: Use this ID when adding modifiers to basket
  • options[]: Available choices with id, name, price, isPopular
  • isSingleChoice, minSelections, maxSelections: Selection rules

get_product_recommendations

Get "goes well with" suggestions for products.

Parameters:

  • restaurantId (required): Restaurant ID
  • productIds (required): Array of product IDs
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X POST "https://api.tgoapis.com/web-discovery-apidiscovery-santral/recommendation/product" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{
    "restaurantId": "{restaurantId}",
    "productIds": ["{productId1}", "{productId2}"],
    "page": "PDP"
  }' | jq

Cart Management Operations

add_to_basket

Add items to the shopping cart. Requires select_address first.

Parameters:

  • storeId (required): Restaurant ID (NUMBER)
  • latitude (required): Coordinate (NUMBER, not string)
  • longitude (required): Coordinate (NUMBER, not string)
  • items[] (required): Array of items to add

Item structure:

{
  "productId": 12345,
  "quantity": 1,
  "modifierProducts": [
    {
      "productId": 111,
      "modifierGroupId": 222,
      "modifierProducts": [],
      "ingredientOptions": {"excludes": [], "includes": []}
    }
  ],
  "ingredientOptions": {
    "excludes": [{"id": 333}],
    "includes": []
  }
}

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X POST "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts/items" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{
    "storeId": {storeId},
    "items": [{items}],
    "latitude": {latitude},
    "longitude": {longitude},
    "isFlashSale": false,
    "storePickup": false
  }' | jq

If this fails, try clear_basket first then retry.

get_basket

Get current cart contents.

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response includes: storeGroups[] with store info and products, summary[], totalPrice, deliveryPrice, isEmpty

remove_from_basket

Remove an item from the cart.

Parameters:

  • itemId (required): Item UUID from get_basket response (the itemId field, NOT productId)
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X DELETE "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts/items/{itemId}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

clear_basket

Clear the entire cart.

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X DELETE "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)"

Checkout & Payment Operations

get_saved_cards

Get user's saved payment cards (masked). If no cards, user must add one at tgoyemek.com.

Uses Payment API with different headers:

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://payment.tgoapps.com/v2/cards/" \
  -H "Authorization: bearer $TOKEN" \
  -H "app-name: TrendyolGo" \
  -H "x-applicationid: 1" \
  -H "x-channelid: 4" \
  -H "x-storefrontid: 1" | jq

Response: cards[] with cardId, maskedCardNumber, bankName, cardNetwork, isDebitCard

checkout_ready

Verify cart is ready for checkout. Call this before place_order.

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts?cartContext=payment&limitPromoMbs=false" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Check response:

  • If totalProductCount is 0, cart is empty
  • Check warnings[] for issues (e.g., below minimum order)
  • Returns full cart details and totalPrice

set_order_note

Set order note and service preferences. Call before place_order.

Parameters:

  • note (optional): Note for courier/restaurant
  • noServiceWare (optional): Don't include plastic/cutlery (default: false)
  • contactlessDelivery (optional): Leave at door (default: false)
  • dontRingBell (optional): Don't ring doorbell (default: false)
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s -X PUT "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts/customerNote" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" \
  -d '{
    "customerNote": "{note}",
    "noServiceWare": false,
    "contactlessDelivery": false,
    "dontRingBell": false
  }'

place_order

Place the order with 3D Secure payment. This is a 3-step process.

Parameters:

  • cardId (required): Card ID from get_saved_cards

Step 1: Get cart with payment context

TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-checkout-apicheckout-santral/carts?cartContext=payment&limitPromoMbs=false" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)"

Step 2: Select payment method (Payment API)

# Get bin code from card's maskedCardNumber (first 6 digits + **)
BINCODE="${maskedCardNumber:0:6}**"

curl -s -X POST "https://payment.tgoapps.com/v3/payment/options" \
  -H "Authorization: bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "app-name: TrendyolGo" \
  -H "x-applicationid: 1" \
  -H "x-channelid: 4" \
  -H "x-storefrontid: 1" \
  -d '{
    "paymentType": "payWithCard",
    "data": {
      "savedCardId": {cardId},
      "binCode": "{binCode}",
      "installmentId": 0,
      "reward": null,
      "installmentPostponingSelected": false
    }
  }'

Step 3: Submit payment (Payment API)

curl -s -X POST "https://payment.tgoapps.com/v2/payment/pay" \
  -H "Authorization: bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -H "app-name: TrendyolGo" \
  -H "x-applicationid: 1" \
  -H "x-channelid: 4" \
  -H "x-storefrontid: 1" \
  -d '{
    "customerSelectedThreeD": false,
    "paymentOptions": [{"name": "payWithCard", "cardNo": "", "customerSelectedThreeD": false}],
    "callbackUrl": "https://tgoyemek.com/odeme"
  }'

3D Secure handling: If response contains json.content (HTML) or redirectUrl:

  1. Save HTML to temp file
  2. Open in browser: {baseDir}/scripts/3dsecure.sh "$HTML_CONTENT"
  3. Inform user to complete verification in browser

Order History Operations

get_orders

Get user's order history with status.

Parameters:

  • page (optional): Page number, default 1
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-checkout-apicheckout-santral/orders?page={page}&pageSize=50" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response: orders[] with id, orderDate, store, status, price, products[]

get_order_detail

Get detailed information about a specific order including delivery status.

Parameters:

  • orderId (required): Order ID from get_orders
TOKEN=$({baseDir}/scripts/auth.sh get-token)
curl -s "https://api.tgoapis.com/web-checkout-apicheckout-santral/orders/detail?orderId={orderId}" \
  -H "Authorization: Bearer $TOKEN" \
  -H "x-correlationid: $(uuidgen)" \
  -H "pid: $(uuidgen)" \
  -H "sid: $(uuidgen)" | jq

Response includes: Order details, delivery status steps, ETA, products with prices, delivery address

Google Reviews (Optional)

get_google_reviews

Fetch Google Maps rating and reviews for a restaurant. Requires GOOGLE_PLACES_API_KEY env var.

Parameters:

  • restaurantId, restaurantName, neighborhoodName, tgoDistance, tgoRating, latitude, longitude

This operation uses Google Places API to find the restaurant and compare ratings. Only use if GOOGLE_PLACES_API_KEY is configured.

Error Handling

StatusAction
401 UnauthorizedToken expired. Run {baseDir}/scripts/auth.sh clear-token then retry the operation.
400 Bad RequestCheck parameters. Parse and show the error message from response body.
429 Rate LimitedOTP verification required. Direct user to complete the action at tgoyemek.com instead.
5xx Server ErrorTGO service temporarily unavailable. Wait a moment and retry once.
3D SecureSave HTML content, open browser with {baseDir}/scripts/3dsecure.sh, inform user to complete verification.

Always parse error responses and present the error message clearly to the user.

Guidelines

  • Always authenticate before making API calls. Use the auth.sh helper.
  • Never expose raw credentials, JWTs, or tokens to the user.
  • Confirm destructive operations (clear_basket, place_order) with the user before executing.
  • Check isClosed before suggesting restaurants from search results.
  • Present results in a clean, readable format rather than raw JSON dumps.
  • Follow the required workflow: select_address → browse → menu → add to basket → checkout.
  • Handle coordinates correctly: get_restaurants uses STRING coordinates, add_to_basket uses NUMBER coordinates.
  • If add_to_basket fails, try clear_basket first then retry.
  • For payment, always use the Payment API headers (lowercase "bearer", app-name, x-applicationid, etc.).

Comments

Loading comments...