Doubao Seedream & Seedance API Skill

Key things to consider before installing: - Metadata vs reality: The registry metadata claims no credentials required, but SKILL.md and the code require an ARK_API_KEY (and support VOLCENGINE_* env vars). Confirm with the publisher which is authoritative. - External install scripts: SKILL.md recommends git-cloning and running install.sh and other scripts from a third-party GitHub repo. Do NOT run install scripts from unknown sources without reviewing them — they can execute arbitrary code on your machine. Prefer to use the code included with the skill (if the platform supports it) or inspect the remote repo and install scripts first. - Config and persistence: The skill will create ~/.volcengine and write state/config files (state.json, tasks.json, history.json). If you install, review those files and consider using a dedicated/non-privileged account or an isolated environment (container) and a dedicated API key with limited scope/quota. - Verify origin and integrity: The skill's homepage/source are unknown and owner id is opaque. If you need this capability, prefer an officially published integration or verify the GitHub repository and author identity, and inspect the install.sh/scripts referenced in SKILL.md. - Least privilege: Provide a scoped API key (not your primary account key), avoid storing long-lived keys in repo files, and set file permissions (the code suggests chmod 600) where keys are stored. If you want, I can: - extract the missing files referenced by SKILL.md and search the included bundle for any install scripts or unexpected network endpoints, - point out where the code reads/writes credentials and exactly which files are modified, - or produce a checklist of safe steps to install this skill in a sandbox (Docker) and review the remote install scripts before running them.