skills/daleseo/bun-skills/bun-build/Gen Agent Trust Hub

bun-build

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill invokes external commands like bunx tsc for generating TypeScript declarations and ls for directory inspection. These are standard development operations.
  • [PRIVILEGE_ESCALATION] (LOW): The CLI build example uses fs/promises.chmod to set executable permissions (0o755) on a dynamically generated build artifact (dist/cli.js). While this modifies file system permissions, it is the expected behavior for producing executable command-line tools.
  • [DYNAMIC_EXECUTION] (LOW): The skill demonstrates the use of Bun plugins for code transformation (e.g., inlining SVGs, environment variable replacement). While this involves dynamic code manipulation during the build process, it is a core feature of the bundler and implemented using standard APIs.
  • [INDIRECT_PROMPT_INJECTION] (LOW):
      • Ingestion points: Reads source files (src/*), package.json, and environment variables (process.env).
      • Boundary markers: None explicitly defined in the generated scripts.
      • Capability inventory: Significant capabilities including file system write access (Bun.write, outdir), shell execution ($), and permission modification (chmod).
      • Sanitization: One example demonstrates input validation using the zod library for JSON schema validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:09 PM