bun-expert
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill implements an 'Update Check' feature that retrieves a version manifest from a remote source at 'https://raw.githubusercontent.com/abpai/skills/main/versions.json' during the initial session.
- [COMMAND_EXECUTION]: The skill logic directs the agent to suggest running the 'npx skills update' command if a newer version is identified. It also documents the 'Bun.$' API for shell script execution and references the official installation method for the runtime via 'curl | bash'.
- [PROMPT_INJECTION]: The skill's update mechanism represents an indirect prompt injection surface as it processes external JSON data to determine agent suggestions.
- [PROMPT_INJECTION]: Indirect Prompt Injection analysis:
- Ingestion points: 'SKILL.md' (Update Check section) fetches remote version data.
- Boundary markers: No specific delimiters are used for the external JSON content.
- Capability inventory: The skill has access to shell execution via 'Bun.$' and package execution via 'npx'.
- Sanitization: The implementation includes a version comparison step and requires explicit user consent before any command execution.
Audit Metadata