ClawHub

Barbie Style Generator

v1.0.0

any description into a stunning Barbie-style AI portrait with hyper-feminine glamour doll aesthetics. Generate pastel-saturated fashion doll images, pink edi...

0· 41·0 current·0 all-time
by@omactiengartelle
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the implementation: the JS script posts the prompt to an image-generation API (https://api.talesofai.com) and polls for a resulting image URL. No unrelated services, binaries, or credentials are requested.
Instruction Scope
Runtime instructions tell the user to run node with --token and a prompt; the script sends the prompt and optional ref UUID to the external Neta API and prints the returned image URL. This is expected, but note that user-provided prompts (and any sensitive content in them) are transmitted to an external service.
Install Mechanism
There is no install spec that downloads code or executes arbitrary installers. The package contains a small standalone ESM script with no dependencies in package.json. No archive downloads or third-party installers are used.
Credentials
The skill does not request environment variables or unrelated credentials. It requires a single service token (passed via --token) which is proportional to calling a third-party image API.
Persistence & Privilege
always is false, the skill is user-invocable and does not attempt to modify other skills or persistent agent configuration. It does not request elevated or persistent privileges.
Assessment
This skill appears to do exactly what it claims: send your text prompt to the Neta image API and return an image URL. Before installing or using it: (1) Only provide a Neta API token you control and avoid reusing high-privilege tokens; the token is sent in requests to https://api.talesofai.com. (2) Be aware that any prompt text (including personal or private information) is transmitted to an external service and may be stored or processed by that provider. (3) Verify the token source (https://www.neta.art/open/) and your account's terms of use and content policy (especially for trademarked likenesses). (4) Review the small JS file yourself if you have concerns — it is short, readable, and contains no obfuscated code, unusual endpoints, or hidden behaviors. (5) If you need to guard secrets, use a dedicated API key with limited scope or billing limits rather than a broadly privileged token.

Like a lobster shell, security has layers — review code before you run it.

latestvk97csh7reqpk4zv1qf75k2yeax8401p4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments