chanjing-text-to-digital-person
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script _auth.py invokes subprocess.run to execute a specific login script (open_login_page.py) from a related vendor skill. This is a documented part of the authentication flow and does not present a security risk.
- [DATA_EXFILTRATION]: All network requests are directed towards official Chanjing domains (open-api.chanjing.cc and www.chanjing.cc) for API tasks and authentication. No unauthorized data transmission was found.
- [CREDENTIALS_UNSAFE]: Authentication is handled via a local configuration file (~/.chanjing/credentials.json). No hardcoded secrets were detected, and sensitive fields are properly identified for exclusion from version control.
- [SAFE]: The helper script _task_api.py uses import('os') to dynamically access environment variables for configuration. This is a standard and safe implementation within the vendor's library.
Audit Metadata