Anima

The name/description (design -> full-stack apps, Figma/URL flows, playgrounds) match the declared runtime requirements: a single ANIMA_API_TOKEN for an Anima MCP server connection. No unrelated binaries, credentials, or config paths are requested.

SKILL.md instructs the agent to create/playground/publish apps and to convert Figma/URLs into code via the Anima MCP server. That scope is appropriate for the described functionality. Important privacy note: these instructions necessarily transmit user-provided designs, website links, or project content to the remote Anima service (MCP). The skill does not request unrelated local files or extra environment variables, but it will upload data needed to build or clone apps — so users should not send proprietary secrets or sensitive data unless they trust the remote service and token.

This is an instruction-only skill with no install spec and no code files, so nothing is written to disk or fetched at install time. That minimizes install-time risk and aligns with the skill's described behavior.

Only one environment variable is required: ANIMA_API_TOKEN (declared as primaryEnv). This is proportionate for an API-driven design/hosting service. There are no unrelated secrets requested.

always is false and the skill does not request permanent system-wide presence or modify other skill configs. Autonomous invocation is allowed (platform default); this is expected for an agent-accessible integration but users should be aware the agent can call the Anima service when invoked.