rodin3d-skill

This skill appears to implement the advertised Hyper3D / Rodin Gen-2 functionality, but there are a few red flags you should consider before using it: - The skill requires a HYPER3D_API_KEY (used by the code) but the registry metadata doesn't list it — assume the API key is required and should be provided only by you. - The SKILL.md suggests a shared free key value ('vibecoding'). Do NOT use a public/shared API key unless you understand who owns it, what limits and billing apply, and whether its use is authorized — using someone else's key can lead to unexpected charges or abuse of your account. - The generate script prints parts of your API key and logs input parameters to the console. That can leak secrets or sensitive prompts into logs. If you run this, do so in a trusted, private environment and consider modifying the script to avoid printing key substrings and sensitive inputs. - If you plan to run the code: inspect the three Python files locally (they are short), run in an isolated environment (virtualenv/container), and do not commit any .env or key to version control. Verify the api.hyper3d.com domain and the API behavior against official Hyper3D documentation if available. - If you are unsure about the origin or authorization of the 'vibecoding' key, contact Hyper3D or obtain your own API key. If these issues are acceptable and you will supply your own API key and avoid using shared credentials, the skill is likely usable; otherwise treat it cautiously or request a corrected metadata declaration and removal of the shared-key recommendation.