Skills
skills/bjornmelin/dev-skills/bun-audit/Gen Agent Trust Hub

bun-audit

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines several commands that execute a local TypeScript script (~/.agents/skills/bun-dev/scripts/bun-platform.ts) using the Bun runtime. These commands are intended for repository analysis and remediation.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes content from external repositories provided via the --root argument.
  • Ingestion points: Data enters the agent context through the files in the repository path specified in SKILL.md.
  • Boundary markers: None are present in the skill metadata.
  • Capability inventory: The skill can execute local scripts and modify files within the target repository as described in SKILL.md.
  • Sanitization: Not defined within the skill's instruction set; relies on the security of the underlying engine.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 04:55 AM