inquiry analyzer

Things to consider before installing/using: - Hard-coded relay token: The code contains a literal RELAY_TOKEN in lib/inquiry-analyzer.js and lib/okki-background.js. Treat this as a potential secret leak; confirm where the token came from and rotate it if it's a real credential. Prefer replacing hard-coded tokens with environment-variable-based configuration (process.env) before use. - Dependency mismatch: The skill claims 'self-contained' and only declares node, but the code requires 'playwright-core' and an OpenClaw runtime. Ensure your environment provides Playwright/OpenClaw or adjust the code to use available libraries. - Platform assumptions: The code contains a Windows-specific OpenClaw path and fixed CDP URL. If you run on Linux/macOS, verify those paths and connectivity. - Data sensitivity: The tool scrapes Alibaba pages and extracts personal/company identifiers (names, emails, chat text). Run it only with accounts/data you control and consider using an isolated/test environment if you are concerned about data exfiltration. - Review network behavior: From the provided files there are no remote exfiltration endpoints, but confirm there are no hidden remote calls at runtime (e.g., telemetry in your OpenClaw environment). Run in a network-restricted environment or monitor outbound connections when you first execute it. - Safety-first: If you decide to use it, (1) remove or replace the embedded RELAY_TOKEN, (2) run initial tests with a throwaway Alibaba account or in a VM/container, (3) verify Playwright/OpenClaw connectivity, and (4) inspect logs/output to ensure only expected data is written to local files.

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.