ljg-library

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches book metadata and high-resolution cover images from WeRead (i.weread.qq.com), which is a well-known digital reading service.
  • [EXTERNAL_DOWNLOADS]: Retrieves author profile images from Wikipedia using the official MediaWiki API.
  • [EXTERNAL_DOWNLOADS]: Interacts with the Marswave API (api.marswave.ai) to generate AI illustrations. This process uses the 'LISTENHUB_API_KEY' environment variable for authentication.
  • [COMMAND_EXECUTION]: Executes local Python scripts ('assets/extract_color.py', 'assets/gen_illustration.py') to perform image analysis and API orchestration.
  • [COMMAND_EXECUTION]: Runs a Node.js script ('capture.js') using Playwright to render the final HTML template into a PNG image.
  • [SAFE]: Credentials for WeRead and Marswave are managed via environment variables ($WEREAD_API_KEY, $LISTENHUB_API_KEY), following security best practices for secret handling.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 03:48 PM
Security Audit — agent-trust-hub — ljg-library