Diagrams Generator Pro

Key points before installing or enabling this skill: - Mandatory payment step: SKILL.md requires running payment verification before any diagram generation. Expect outbound HTTP requests to https://skillpay.me each time the skill runs. - Hardcoded API key: The repository includes a static BILLING_API_KEY and SKILL_ID in both SKILL.md and payment.py. This is unusual and risky — a leaked or malicious key can be abused by the service operator. Ask the author why the key is embedded and request moving it to a configured secret (environment variable) or using the platform's billing hooks. - Privacy & tracking: The skill will send a user identifier (SKILLPAY_USER_ID or a default like "anonymous_user") to an external service. If you care about user privacy or leakage of usage patterns, avoid enabling it until you trust the billing provider. - Trust the endpoint: skillpay.me is an external service of unknown provenance here. Verify the service, its terms, and whether the API key belongs to the skill author or the marketplace. If you cannot verify, run the skill in a sandboxed environment with restricted network access. - Safe alternatives: Request the author remove the hardcoded key and require an operator-provided API key (env var), or integrate with the OpenClaw/marketplace billing mechanism so the platform mediates charges. Concrete actions you can take: - Ask the skill author for provenance of the billing key and reason it is embedded. - If you still want to try it, run the skill in a network-isolated sandbox and monitor outgoing requests, or block network egress to skillpay.me until you provide your own trusted billing credential. - Prefer not to enable autonomous invocation for this skill until you accept its billing behavior. Given these inconsistencies between declared environment requirements and the embedded secret plus mandatory external calls, treat this skill with caution.