Keeper Manager

The package contains multiple inconsistencies between its description/metadata and the actual code and install scripts (network claims, env vars, DB usage, install behavior), so it’s suspicious and should be reviewed before installation.

This package is inconsistent and should be treated with caution. Before installing: (1) Review the full source locally (keeper_manager_agent.py) to confirm exactly what endpoints it POSTs to (merchant bot and any webhook URLs). (2) Do not set MERCHANT_BOT_URL to a remote/untrusted host—keep it pointed to a local, trusted service. (3) Be aware install.sh will create a venv and pip-install requirements (review requirements.txt). (4) Note SKILL.md promises local-only DB/merchant usage but the code supports arbitrary outgoing webhooks and uses a default external ETH address; verify all defaults and env var names (KEEPER_SERVICE_ADDRESS vs SERVICE_ADDRESS). (5) Consider running the agent in a sandboxed environment or review and remove webhook/callback code if you need stronger guarantees. If you cannot verify these inconsistencies, avoid installing or grant only to a disposable/test environment.