ai-hotel

What to check before installing: - Understand token handling: the code saves the identity_code to ~/.fbt-auth.json in plain text. Consider whether that file's location and permissions are acceptable (restrict access with file permissions). If you don't want tokens stored, ask the developer to support in-memory or encrypted storage. - Ask about the DEFAULT_ACCESS_TOKEN: the code falls back to a hard-coded test token if no saved token exists, which contradicts SKILL.md's 'must authenticate first' requirement. Confirm whether that token is a harmless test stub or could grant unintended access to production APIs. - Network/privacy: this skill will send user input (phone numbers, search keywords, guest data) to https://app-gate.fenbeitong.com. Only use it if you trust that endpoint and are comfortable with those transmissions. - Dependencies: requirements.txt exists but no install step is provided. Ensure the execution environment will install the listed Python packages or that the platform isolates/inspects them before running. - Runtime checks: openai_adapter.py contains a version requirement comment and imports fb_hotel_api using a module name that may require a particular Python package layout; test in a sandboxed environment first. If you need higher assurance: run the skill in a restricted sandbox, inspect and (if necessary) remove or replace DEFAULT_ACCESS_TOKEN, and confirm/update token storage to safer handling (e.g., encrypted store or explicit user-managed token).