DesignKit SKU 套图生成器

Key things to consider before installing/using this skill: - Metadata mismatch: the registry summary showed no required env vars, but the skill and scripts require DESIGNKIT_OPENCLAW_AK and the SKU flow may require DB credentials. Treat the DESIGNKIT_OPENCLAW_AK as mandatory for API calls. - Sensitive local access: the SKU pipeline (scripts/sku_to_ecommerce_kit.py) will try to load .env files from other workspace paths and connect to a Postgres DB using DB_* env vars if present. If you don't intend to expose your database to this skill, do not run the SKU flow or ensure those .env files/DB creds are not present. - Potential credential leakage: by default request logging is enabled and the scripts print curl-style requests (including X-Openclaw-AK) to stderr. If you must use this skill, set OPENCLAW_REQUEST_LOG=0 (or otherwise audit/redirect logs) to avoid leaking your API key to logs or shared consoles. - Missing dependency handling: the scripts expect python3 and psycopg2; there is no install spec, so be prepared to install dependencies and review the scripts before execution. - Audit the code: since the source/homepage is unknown and the repo runs shell/python that access network and local files, inspect scripts (especially sku_to_ecommerce_kit.py and run_command.sh) before giving it secrets or running it in an environment with sensitive .env files. If you want to proceed safely: (1) set OPENCLAW_REQUEST_LOG=0 before invoking, (2) only export DESIGNKIT_OPENCLAW_AK when needed and avoid running the SKU pipeline unless you explicitly provide DB credentials on purpose, (3) run in an isolated environment/container or with logs redirected, and (4) ask the publisher for an official source/homepage and a clear list of required env vars and dependencies.