zh-novel-writer - Batch Generation Engine
Security checks across malware telemetry and agentic risk
Overview
The skill is consistent with its stated purpose (batch-generating Chinese novel chapters via third‑party LLM APIs) but the package metadata omits required API key declarations and the skill will transmit user-provided outlines and excerpts to external services, which is a privacy/billing consideration.
What to consider before installing/using:
- Privacy & billing: Using this skill will send your outline text, chapter excerpts, and prompt contents to whichever third-party LLM API you configure (ModelScope, Fyra, or Ph8). Do not include secrets or sensitive personal data in outlines or prompts. Be aware API usage may incur charges on the linked accounts.
- API keys: The package metadata failed to list required environment variables, but the code requires at least one of NOVEL_MODELSCOPE_KEY, NOVEL_FYRA_KEY, or NOVEL_PH8_KEY. Only set keys for accounts you trust; prefer disposable or limited-billing keys if possible.
- Inspect inputs/outputs: The script will read the outline file you point at and will write chapter files to the output directory. Ensure the outline path does not point to any sensitive files and run the script in a directory you control.
- Run safely: If you want to be cautious, run the script in an isolated environment (container or VM) and monitor network calls. You can also review and/or modify the CONFIG dictionary in the script to verify endpoints and headers before using.
- Packaging correctness: The mismatch between registry metadata and the SKILL.md (env vars not declared in metadata) is likely a packaging oversight — consider asking the publisher for clarification or updating metadata before broad deployment. If you need higher assurance, request the publisher to declare required env vars in registry metadata, provide a signed release, or supply usage examples showing how keys are scoped and billed.
SkillSpector
SkillSpector findings are pending for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
