Fundraising Advisor

What to check before installing: - Installation and runtime: The repo expects Python/Node dependencies and system binaries (tesseract, poppler, ghostscript) but the skill metadata does not declare these. If you install, make sure you can install those system packages and Python/npm deps in a controlled environment (or sandbox). - Sensitive data: The skill can parse OCRed PDFs and financial statements — avoid uploading PDFs containing sensitive personal or credential information until you verify where data is processed and stored. - Network behavior: Inspect the code (or run it in an isolated environment) for calls to external endpoints or telemetry. The docs mention planned integrations (Crunchbase, PitchBook) but there are no declared API keys now; nonetheless review any changes that add network calls. - Which implementation to use: The repository contains both TypeScript and Python variants; decide which you will run and follow that language's install docs. The SKILL.md frontmatter does not list required binaries even though INSTALL docs mention them — treat the latter as authoritative. - Test locally: Run the included tests (test_complete.py and examples) in a sandbox to confirm behavior. Review package.json/pyproject.toml, requirements.txt, and any code that performs filesystem or network I/O (pdf/ocr modules, investor matcher) before giving it access to production data or secrets. If you want, I can scan specific files for network calls, environment variable access, or suspicious patterns and point to exact lines to review.