Stock Monitor

What to check before installing or running this skill: - Missing files: SKILL.md and README instruct you to copy/edit config.example.py and reference RULE_REVIEW_REPORT.md, but those files are not present. Don’t run the daemon until you locate or create the intended config (search the package or contact the author). Running without the expected config may produce runtime errors or unexpected defaults. - Network access: The scripts make outbound HTTP requests to third-party finance services (eastmoney, sina, push2.eastmoney). This is expected for a market-monitoring tool, but be aware that your machine will contact those external endpoints whenever the daemon runs. - Local persistence: The daemon writes logs and a PID file to $HOME/.stock_monitor and runs in the background via nohup; review and rotate logs as needed and avoid running as root. Inspect the log files before trusting behavior. - Hardcoded test path: test_suite.py inserts a hardcoded sys.path (/home/wesley/...), which is a developer leftover—this is not necessary for normal runtime but suggests the package may not be cleanly packaged. Run tests in a sandbox/virtualenv and inspect test code before executing. - Sensitive data: The skill does not request API keys, but you will be asked to edit a config with your holdings (costs). Ensure you do not accidentally paste personal secrets or API tokens into the config. If you add notification hooks (email/webhook/Telegram) to the config, audit those integrations. - Suggested precautions: run the scripts in a disposable environment (container or VM) first; open the scripts and search for unexpected remote endpoints or credential usage; supply a minimal config and run the test suite in isolation; restrict network access if you want to observe behavior before full deployment. If you want, I can: (1) list every external URL the code will contact, (2) point out the exact missing files and locations where the package assumes them, or (3) help create a minimal safe config to run tests in a sandbox.