3d Anime Poster Generator
v1.0.0Create stunning 3D anime posters with volumetric lighting, cinematic depth, and dynamic compositions. Perfect for wallpapers, merch designs, print-on-demand...
⭐ 0· 42·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description promise (3D anime poster generation) matches the code and README: the script POSTs to an image-generation API (api.talesofai.com) and polls for a result. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md and README instruct running the included Node script with a --token flag and a prompt. The runtime instructions and code are narrowly scoped to constructing API requests and polling results. Note: the token is passed on the command line (--token), which can expose it to other local users/processes via process listings on multi-user systems.
Install Mechanism
There is no install spec; the package is distributed as source files (node script + docs). No remote downloads or archives are executed during install, minimizing install-time risk.
Credentials
No environment variables or unrelated credentials are required. The only secret is the Neta API token, which the skill expects as a CLI argument; this is proportionate to its stated function, but CLI tokens can leak via process listings—using an env var or protected storage is safer.
Persistence & Privilege
Skill does not request persistent platform privileges (always:false) and does not modify other skills or system configurations. Autonomous invocation is permitted (platform default) but not combined with other high-risk behaviors.
Assessment
This skill appears to be what it says: a small Node script that sends your prompt and a provided Neta/TalesOfAI token to api.talesofai.com and returns an image URL. Before installing, consider: (1) verify you trust the API provider (neta.art / talesofai) and their privacy/usage terms; (2) avoid passing sensitive tokens on the command line if you’re on a multi-user system (use an environment variable or other secret mechanism instead) because command-line flags can be visible to other users; (3) review the included script (it’s short and readable) to confirm nothing unexpected is sent to other endpoints; and (4) ensure your Node runtime supports global fetch (Node 18+). If you need stricter guarantees about secret handling or provenance, request a published homepage/source repository or a maintainer identity before use.Like a lobster shell, security has layers — review code before you run it.
latestvk97bwd7bna2av2hhh52qx7v0s184t2s5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.