Competitor Price Tracker
v1.0.0Set up competitor price tracking and monitoring workflows. Track price changes, detect promotions, analyze pricing patterns, and get alerts for competitive p...
⭐ 0· 89·0 current·0 all-time
bynexscope-ai@nexscope
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name, description, supported platforms, and declared capabilities align: the SKILL.md is a methodology/consulting-style skill for setting up competitor price monitoring. It does not request unrelated credentials, binaries, or file paths.
Instruction Scope
Runtime instructions are limited to collecting info from the user's message, asking one multi‑choice follow-up, performing research/analysis, and returning structured recommendations. The instructions do not tell the agent to read local config files, secrets, or unrelated system state, nor to transmit data to unexpected endpoints.
Install Mechanism
The registry lists no install spec, but SKILL.md includes an npx install command that would fetch an external package (nexscope-ai/eCommerce-Skills). Because the registry did not declare this install step, users should verify the external package source and contents before running npx (downloading/executing remote packages carries risk).
Credentials
No environment variables, credentials, or config paths are required. This is proportionate for an instruction-only methodology skill. Note: practical deployment of actual scraping or monitoring (outside this skill) might require API keys or infrastructure, but those are not requested here.
Persistence & Privilege
Skill is not marked always:true and makes no requests to modify agent/system configuration. It does not request persistent presence or elevated privileges.
Assessment
This skill appears to be an instruction/methodology pack (no code included in the registry) and is coherent with its stated purpose. Before installing or following the SKILL.md's npx command: 1) Inspect the referenced package/repository (nexscope-ai/eCommerce-Skills) on GitHub or npm to confirm the publisher and review code; 2) Do not run npx/npm install blindly — remote packages can execute arbitrary code; 3) Consider legal and terms-of-service issues: automated scraping of marketplaces may violate site TOS or local law and may require API keys or vendor agreements; 4) Avoid pasting secrets or private credentials into prompts; if you plan to operationalize monitoring, prefer vetted integrations (official APIs) and isolate any automation in a controlled environment. If you want, I can: fetch the GitHub/npm project URL, summarize its README, or list what credentials/infra you'd need to implement a production tracker.Like a lobster shell, security has layers — review code before you run it.
latestvk9794s9qnespbz0h497gjfznnd83kj22
License
MIT-0
Free to use, modify, and redistribute. No attribution required.