ljg-library

Warn

Audited by Socket on Jul 2, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The overall capability is coherent with a book-to-card media skill, but it forwards credentials to remote services, depends on custom local scripts/other skills, and uses partially unverifiable API gateway flows. No clear malware or exfiltration beyond the stated function, but the trust chain and credential forwarding make it medium risk.

Confidence: 80%Severity: 58%
Audit Metadata
Analyzed At
Jul 2, 2026, 03:49 PM
Package URL
pkg:socket/skills-sh/lijigang%2Fljg-skills%2Fljg-library%2F@72801cc4c7a2bf5b3ae99e3b628991789f3b87407e8443dbff1adfeffb79f400
Security Audit — socket — ljg-library