bun-server-cache
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The documentation references the '@dangao/bun-server' package from the 'dangaogit' GitHub organization. This source is not included in the trusted external sources list, making it an unverifiable dependency and a potential supply chain risk.
- [CREDENTIALS_UNSAFE] (LOW): Examples for Redis cache configuration contain hardcoded password strings (e.g., 'password: "password"'). While these are likely intended as placeholders, they represent a violation of security best practices as they may be inadvertently copied into production codebases.
Audit Metadata