Listenhub

Things to consider before installing or running this skill: - Metadata mismatch: the registry claims no required env vars, but the scripts require LISTENHUB_API_KEY (lh_sk_...) and expect jq and curl. Treat that as a red flag — confirm the author and update metadata before trusting automatic use. - External network: the scripts call api.marswave.ai and api.labnana.com and fetch a remote VERSION from raw.githubusercontent.com. If you run them, network requests will be made to those domains. - API key handling: scripts will try to read your ~/.zshrc ~/.bashrc to auto-load an API key and can append an export line if you paste a key during setup. If you are uncomfortable with that, set LISTENHUB_API_KEY yourself in a safe, limited-scope environment before running, or avoid letting the script auto-write your shell rc. - Auto-install behavior: generate-image.sh can automatically run package-manager install commands (brew/apt/yum/pacman/choco/scoop). That can run sudo or require elevated privileges. Review and run install commands manually rather than allowing automatic installs. - Least privilege: create and use a dedicated API key with minimal scope/quota for this skill, not your primary account key. Avoid sending sensitive or confidential text/URLs to the skill (SKILL.md itself warns against this). - Review & sandbox: because the repo contains executable scripts that modify local configs and call remote APIs, review the script sources yourself and consider running them in an isolated environment (container, VM) first. If you want to proceed: confirm/declare LISTENHUB_API_KEY in the skill metadata, inspect the scripts (especially the auto-install and shell-rc write paths), and either set up the API key manually or be prepared to paste it (knowing the script will persist it). If any of the above behaviors are unacceptable, do not install or run this skill.