bun-dev-server
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- Dynamic Execution (SAFE): The examples use dynamic
import()andinnerHTMLwhich are standard for Hot Module Replacement (HMR) and development-only error overlays.\n- Data Exposure & Exfiltration (SAFE): The automated alert for 'clients.de' is a false positive. The code containsclients.delete(ws), which the scanner misidentified as a domain. No actual network connections to untrusted domains or exfiltration of sensitive data were found.\n- Prompt Injection (SAFE): No prompt injection or behavior override patterns detected.\n- Unverifiable Dependencies & Remote Code Execution (SAFE): Dependencies mentioned (Vue, Svelte, Bun) are standard. No remote scripts are downloaded or executed.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata