Ecommerce Monitor
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's code and documentation mostly match an ecommerce-monitoring purpose, but embedded guidance asking you to generate and hand over a GitHub Personal Access Token (and other repo-publishing instructions) is unnecessary for running the monitor and looks like a risky request; there are a few other small inconsistencies.
This package mostly does what it says (scrape product pages, analyze data, produce a markdown report, push to a Feishu webhook). Before installing or running it:
(1) Do NOT hand over a GitHub Personal Access Token to anyone; the GET_TOKEN_GUIDE explicitly asks you to share the token with the author, which is unnecessary and unsafe.
(2) If you will publish this repo yourself, create and use a token locally without sharing it; avoid embedding tokens in remote URLs, where git stores them in clear text in .git/config.
(3) Review config/monitoring-config.yaml and set feishu.enabled = true only after providing a webhook URL you control.
(4) The setup.py entry_point appears incorrect (it references a missing Python module); if you need packaging, correct that.
(5) The Taobao example URL in fetch-taobao.py is a shortened/affiliate-style link; inspect it or replace it with your own product URLs to avoid unwanted tracking/redirects.
(6) If your agent has browser sessions or credentials, be aware that SKILL.md's agent-browser commands open external pages, which could expose cookies or auth; run them in an isolated environment if needed.
(7) If you are not comfortable with the GET_TOKEN_GUIDE or the repo-publishing instructions, do not follow them and do not supply secrets; the rest of the tool can be run locally by editing the config and using the provided scripts.
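As an added illustration of point (2), the shell helper below (example code written for this review, not part of the Ecommerce Monitor skill or of its GET_TOKEN_GUIDE) audits a repository's push remotes for a credential embedded in the URL and pushes with a token supplied from the environment through an inline git credential helper, so the token is never written into a remote URL or .git/config. The remote name, the branch, the script name, and the GITHUB_TOKEN variable are assumptions of the example.

```shell
#!/usr/bin/env bash
# Added example for this review (not part of the Ecommerce Monitor skill):
# keep a GitHub PAT out of git remote URLs and out of .git/config.
set -eu

# Return 0 when a URL carries userinfo (text between '://' and '@'), which is
# where a PAT lands after e.g.
#   git remote set-url origin https://ghp_xxx@github.com/owner/repo.git
# scp-style SSH remotes (git@github.com:owner/repo.git) have no '://' and are
# not flagged: the 'git' there is a username, not a secret.
url_has_embedded_credential() {
  case "$1" in
    *://*@*) return 0 ;;
    *)       return 1 ;;
  esac
}

# Remove the userinfo part so a remote can be rewritten without the token.
strip_url_credential() {
  printf '%s\n' "$1" | sed -E 's#^([A-Za-z][A-Za-z0-9+.-]*://)[^@/]*@#\1#'
}

# Audit the push URL of every remote in the repository at $1 (default: ".").
# Prints each offending remote with the credential removed; returns 1 if any.
audit_remotes() {
  repo="${1:-.}"
  found=0
  for name in $(git -C "$repo" remote); do
    url=$(git -C "$repo" remote get-url --push "$name")
    if url_has_embedded_credential "$url"; then
      printf 'remote %s embeds a credential in its URL (should be %s)\n' \
        "$name" "$(strip_url_credential "$url")" >&2
      found=1
    fi
  done
  return "$found"
}

# Push with the token taken from the GITHUB_TOKEN variable of the current
# shell (an assumption of this example). The inline credential helper hands
# git a username/password pair at push time, so the token is never stored in
# the URL, in .git/config, or in the shell history of a set-url command.
# GitHub accepts any username when the password is a PAT.
push_with_env_token() {
  remote="${1:-origin}"
  branch="${2:-main}"
  : "${GITHUB_TOKEN:?set GITHUB_TOKEN in this shell first}"
  GITHUB_TOKEN="$GITHUB_TOKEN" git \
    -c credential.helper='!f() { echo "username=x-access-token"; echo "password=$GITHUB_TOKEN"; }; f' \
    push "$remote" "$branch"
}

# Usage (hypothetical script name):
#   ./pat_hygiene.sh --audit [repo]
#   ./pat_hygiene.sh --push [remote] [branch]
case "${1:-}" in
  --audit) audit_remotes "${2:-.}" ;;
  --push)  push_with_env_token "${2:-origin}" "${3:-main}" ;;
esac
```

Running the audit before publishing catches a token that was pasted into a `git remote set-url` command; a token passed only through the environment and a credential helper is used for the one push and leaves no copy behind in the repository.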
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings were reported for this release.
Risk analysis
No visible risk-analysis findings were reported for this release.
