Merchant Feed Preflight avatar

Merchant Feed Preflight

Pricing

from $5.00 / report generated

Go to Apify Store
Merchant Feed Preflight

Merchant Feed Preflight

Before refreshing a product feed, sample public product pages and compare observable price, stock, image, and structured-data signals against feed rows.

Pricing

from $5.00 / report generated

Rating

0.0

(0)

Developer

Checksmith Cats

Checksmith Cats

Maintained by Community

Actor stats

0

Bookmarked

2

Total users

1

Monthly active users

8 days ago

Last modified

Share

Catches feed-vs-page price, stock, and image mismatches before you submit a product feed. Reads only public URLs; no account access.

Give it a public product feed URL. It fetches the feed and a sample of live product pages, compares them, and returns a per-finding report in JSON, HTML, and Markdown. For each sampled product it reports where the price differs, where stock status disagrees, where an image URL 404s, where product structured data is missing, and whether GTIN check digits and selected merchant structured-data types are present.

Policy and contact checks only confirm that a returns/shipping/privacy/contact link exists and resolves. They do not read or judge the policy text. Structured return/shipping checks detect MerchantReturnPolicy and OfferShippingDetails type presence only. GTIN checks validate the check digit only; they do not verify GS1 assignment, ownership, or product identity.

Scope

MVP checks:

  • Product feed fetch and parsing for CSV, TSV, RSS/XML, and Atom/XML
  • Product page reachability
  • Feed price vs static page/JSON-LD price comparison
  • Feed availability vs static page/JSON-LD availability comparison
  • Feed image URL reachability
  • Product structured data detection
  • Brand, GTIN, and MPN signal presence
  • GTIN-8/12/13/14 check-digit validation when a GTIN is provided
  • MerchantReturnPolicy and OfferShippingDetails JSON-LD type presence
  • Store HTTPS check
  • robots.txt status check
  • Return/refund, shipping, privacy, terms, contact, and about link detection
  • Public contact signal detection
  • SSRF-safe URL fetching with redirect revalidation

Out of scope:

  • Google Merchant Center account access
  • Google approval, account recovery, or reinstatement work
  • appeal text generation
  • legal, tax, policy, or advertising advice
  • Shopify, WooCommerce, or CMS repair work
  • checkout testing
  • login, CAPTCHA, proxy, or bot-block bypass
  • default JavaScript rendering

Not affiliated with Google. This is a diagnostic report of detectable differences, not an approval, legal/policy review, or reinstatement service, and it does not reproduce Google's review decision.

Local Development

Run tests:

$PYTHONPATH=src python3 -m unittest discover -s tests -v

Generate a synthetic sample report:

PYTHONPATH=src python3 -m merchant_trust_preflight.cli \
examples/sample-input.json \
--fixture-map fixtures/sample-map.json \
--json examples/sample-report.json \
--html examples/sample-report.html \
--md docs/sample-report.md

Run against a real public feed:

$merchant-feed-preflight input.json --json report.json --html report.html

Example input:

{
"feedUrl": "https://example.com/products.xml",
"storeUrl": "https://example.com/",
"sampleLimit": 25,
"country": "US",
"currency": "USD",
"recordRobots": true
}

Use only feeds and sites you own, manage, or have permission to scan.

Apify Actor

Actor metadata lives in .actor/.

The intended first release route is:

  1. Private Actor deployment
  2. fixture and real-site smoke tests
  3. pay-per-event pricing setup
  4. public Store listing

Initial PPE events:

EventSuggested priceMeaning
report-generated$5.00Charged once, only when at least one product page was fetched and compared
product-checked$0.25One product page that was actually fetched and compared (unreachable pages are reported but not charged)

The Actor writes:

  • dataset rows: one row per finding
  • REPORT.json
  • REPORT.html
  • REPORT.md

Security

The scanner fetches user-supplied URLs, so SSRF controls are part of the core product:

  • http/https only
  • username/password URLs rejected
  • private, loopback, link-local, multicast, unspecified, CGNAT, and other non-global IPs blocked
  • DNS resolution is checked before connecting
  • redirects are revalidated
  • body and header sizes are capped
  • request timeouts are enforced
  • query strings are redacted in report evidence

See docs/security-and-license-review.md.

Commercial Use and Licenses

This source package is proprietary to Checksmith Cats.

Core scanner: Python standard library plus defusedxml (PSF-2.0) for safe XML feed parsing. Actor entrypoint: Apify SDK (Apache-2.0).

See LICENSE and THIRD_PARTY_LICENSES.md.

References