There could be bugs, of course, but the library is open source and developed by the Stellar network team.
Of course you are right in a sense - the core team also should not be blindly trusted. But, because your account is managed by the wallet and stays local to your machine, there is nothing much the library _can_ do IMHO.
It's code that runs on your machine. What would prevent it to do whatever it wants? Like sending your private keys somewhere? Or using a weak form of crypto to create them so that somebody can guess them?
That's an excellent point. The only place the library has access to the private keys are during account creation and message signing. Perhaps I should implement both directly in the wallet so it's visible and clear to everyone.
Of course you are right in a sense - the core team also should not be blindly trusted. But, because your account is managed by the wallet and stays local to your machine, there is nothing much the library _can_ do IMHO.