Webtoon Character Generator

v1.0.1

AI webtoon character generator — create manhwa-style portraits, Korean comic characters, and webtoon OCs with clean line art, expressive eyes, and vibrant co...

⭐ 0· 71·0 current·0 all-time

by@omactiengartelle

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description claim an image-generation capability and the code + docs actually call the Neta/TalesOfAI image API (api.talesofai.com). There are no unrelated required binaries, env vars, or config paths; the requested token is appropriate for this purpose.

ℹ

Instruction Scope

SKILL.md and README instruct running the included Node script with a --token flag; the script only builds a prompt and polls the TalesOfAI endpoints for image generation results. It does not read local files or other credentials. Note: the argument-parsing has a bug (using args[indexOf(flag)+1] without checking indexOf result) that can unintentionally treat the first positional argument as the token if the --token flag is missing, causing unexpected requests — this is a correctness/usability issue, not evidence of malicious behavior.

✓

Install Mechanism

No install spec is provided (instruction-only skill with an included JS script). Nothing is downloaded or written to disk by an installer; running it requires Node but no package install is specified. The small included script is the only code executed.

✓

Credentials

The skill asks only for a single service token (passed via CLI) which matches the integration. No extra credentials or environment variables are requested. Reminder: passing tokens on the command line can expose them in shell history or process lists — consider using a safer mechanism if available.

✓

Persistence & Privilege

always is false and the skill does not modify system or other skills' configuration. It has no elevated/persistent privileges beyond making outbound HTTPS requests.

Assessment

This skill appears to do what it advertises: send your text prompt and a Neta/TalesOfAI API token to api.talesofai.com and print back an image URL. Before installing/running: 1) Confirm you obtained the token from a trusted Neta/TalesOfAI page (net a.art/open); 2) Be aware that providing the token on the command line can leave it in shell history or be visible in process listings — prefer a secure method to store/pass secrets if possible; 3) Review the small included JavaScript file yourself (or inspect network traffic) if you need extra assurance — it only makes POST/GET requests to api.talesofai.com; 4) Note the script has an argument-parsing bug that can misinterpret arguments (it may treat your prompt as the token if --token is omitted), so always pass the --token flag correctly. If you need the skill to run in production or on sensitive systems, request a version that accepts tokens via environment variables or a secure config store.

Like a lobster shell, security has layers — review code before you run it.

latestvk972ghvzpkx3khtm35c1gbxkm584cyq6

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Webtoon Character Generator

License

Comments