Skills
skills/daleseo/bun-skills/bun-test/Gen Agent Trust Hub

bun-test

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill creates a direct execution path for content found in external project repositories.
  • Ingestion points: The skill reads and acts upon files within the tests/ directory, bunfig.toml, and package.json.
  • Boundary markers: Absent. The instructions do not include markers or checks to distinguish between legitimate test code and malicious instructions embedded in a project.
  • Capability inventory: The skill utilizes the Bash tool for command execution (bun test, mkdir, ls) and the Write tool for file modification.
  • Sanitization: None. The skill executes the test suite directly, which will run any code contained in the project's test files or setup scripts.
  • Command Execution (MEDIUM): The skill's core functionality relies on the Bash tool to interact with the environment. If the agent is directed to a malicious repository, these commands will execute attacker-controlled logic defined in the test files or the preload configuration in bunfig.toml.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 09:48 PM