electrobun-rpc-patterns

Warn

Audited by Socket on Mar 2, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is documentation and example code for Electrobun RPC patterns and does not contain explicit backdoors, obfuscated payloads, or network-based exfiltration. The primary security concerns are feature-abuse risks inherent to IPC: an unvalidated executeCommand (arbitrary process execution), the ability to read and stream arbitrary files to the webview (potential data exposure), dynamic method invocation in batch execution, and weak path validation for saves. These are not proven malware, but they are moderate supply-chain/security risks if the webview or any caller of these RPC endpoints is untrusted. Mitigations: enforce caller authentication/authorization for sensitive RPCs, restrict allowed commands and file path roots, perform robust path canonicalization and sandboxing, and implement allowlists for batch/executable methods. Overall, the code is plausible and useful for its stated purpose but requires access-control hardening before use in environments with untrusted web content.

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At
Mar 2, 2026, 04:23 AM
Package URL
pkg:socket/skills-sh/gyorkluu%2Felectrobun-skills%2Felectrobun-rpc-patterns%2F@f79e21570797e32076afb71f76e2bd015e170d66