electrobun

Warn

Audited by Socket on Feb 24, 2026

1 alert found:

Security (MEDIUM)
SKILL.md

[Skill Scanner] Credential file access detected

The fragment documents legitimate framework capabilities and shows realistic examples. There is no direct evidence of intentional malicious code or obfuscation. However, the sample patterns are permissive and expose significant attack surface when used without hardening: unscoped bidirectional RPC can enable arbitrary file writes and sensitive data exposure from a compromised webview, and the updater flow lacks explicit integrity verification, posing a supply-chain risk. Recommend that Electrobun documentation and default APIs adopt secure-by-default measures (origin enforcement, capability scoping, path sanitization, update signature verification) and that app developers avoid copying permissive examples verbatim.

LLM verification: No direct evidence of malware or intentionally malicious behavior in the supplied documentation/code examples. The primary concerns are insecure default patterns and missing security controls: bidirectional RPC handlers accepting arbitrary paths/content, and an updater workflow that downloads and installs remote artifacts without described integrity verification. These create moderate supply-chain and privilege-escalation risk if webviews are untrusted or update channels are compromised. Recomme
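The two patterns the alert flags (an RPC handler that writes whatever path and content the webview sends, and an updater that installs a downloaded artifact unverified) can be contrasted with hardened forms in a few dozen lines. The block below is an added example written for this page; it is not Electrobun's code or its RPC or updater API. The handler names, the `views://main` origin string, the `/app/data` sandbox root, the in-memory "disk" Map that stands in for real file I/O, and the release keypair generated at run time (in a real app the public key is pinned in the binary, never generated on the fly) are all assumptions made so the example runs offline.

```typescript
import * as path from "node:path";
import * as crypto from "node:crypto";

// 1. RPC file write: origin enforcement + capability scoping + path sanitization.
//    The Map stands in for the real filesystem so this runs offline (constructed).

interface RpcRequest {
  origin: string;   // origin of the webview that issued the call
  path: string;     // path exactly as supplied by the (possibly hostile) webview
  content: string;
}

type RpcResult = { ok: true; wrote: string } | { ok: false; reason: string };

// Permissive pattern the alert warns about: every path and payload is accepted,
// so a compromised webview can write anywhere the host process can.
function unscopedWriteFile(disk: Map<string, string>, req: RpcRequest): RpcResult {
  disk.set(req.path, req.content);
  return { ok: true, wrote: req.path };
}

// Resolve `requested` against `root` and accept it only if the result stays inside
// root: rejects "..", absolute paths and NUL bytes. On a real filesystem also
// realpath the parent directory so a symlink inside root cannot point outside it.
function resolveWithinRoot(root: string, requested: string): string | null {
  if (requested.includes("\0")) return null;
  const rootAbs = path.resolve(root);
  const target = path.resolve(rootAbs, requested);
  if (target === rootAbs) return null;            // the root directory itself is not a file
  return target.startsWith(rootAbs + path.sep) ? target : null;
}

// Hardened handler: the webview may only write under a fixed root, and only if it
// comes from an allow-listed origin. The capability is "write inside /app/data",
// not "write files".
function scopedWriteFile(
  disk: Map<string, string>,
  req: RpcRequest,
  policy: { allowedOrigins: Set<string>; root: string },
): RpcResult {
  if (!policy.allowedOrigins.has(req.origin)) {
    return { ok: false, reason: `origin not allowed: ${req.origin}` };
  }
  const target = resolveWithinRoot(policy.root, req.path);
  if (target === null) {
    return { ok: false, reason: `path escapes sandbox root: ${req.path}` };
  }
  disk.set(target, req.content);
  return { ok: true, wrote: target };
}

// 2. Update integrity: verify a detached Ed25519 signature over the downloaded
//    artifact against a pinned release public key before installing anything.
//    Node's crypto API takes algorithm `null` for Ed25519 (the hash is built in).
function verifyUpdate(artifact: Buffer, signature: Buffer, pinnedPublicKey: crypto.KeyObject): boolean {
  return crypto.verify(null, artifact, pinnedPublicKey, signature);
}

// Demo data (constructed): a release keypair, a fake artifact and a tampered copy.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const artifact = Buffer.from("electrobun-app-1.2.3.tar.zst (fake bytes)");
  const signature = crypto.sign(null, artifact, privateKey);
  const tampered = Buffer.concat([artifact, Buffer.from("\n# injected")]);

  const disk = new Map<string, string>();
  const policy = { allowedOrigins: new Set(["views://main"]), root: "/app/data" }; // assumed values

  return {
    goodUpdate: verifyUpdate(artifact, signature, publicKey),       // true
    tamperedUpdate: verifyUpdate(tampered, signature, publicKey),   // false
    inRoot: scopedWriteFile(disk, { origin: "views://main", path: "notes/a.txt", content: "hi" }, policy),
    traversal: scopedWriteFile(disk, { origin: "views://main", path: "../../etc/passwd", content: "x" }, policy),
    absolute: scopedWriteFile(disk, { origin: "views://main", path: "/etc/passwd", content: "x" }, policy),
    badOrigin: scopedWriteFile(disk, { origin: "https://evil.example", path: "notes/b.txt", content: "x" }, policy),
    unscopedEscape: unscopedWriteFile(new Map(), { origin: "https://evil.example", path: "/etc/passwd", content: "x" }),
    disk,
  };
}
```

The `unscopedWriteFile` path is kept only to show what the permissive pattern lets through: it succeeds for an arbitrary origin and an absolute path, while the scoped handler rejects the same request three different ways. The string-prefix check must include the trailing separator, otherwise `/app/data-backup` would pass as "inside" `/app/data`.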

Confidence: 98%
Severity: 75%
Audit Metadata
Analyzed At
Feb 24, 2026, 08:26 AM
Package URL
pkg:socket/skills-sh/gyorkluu%2Felectrobun-skills%2Felectrobun%2F@30aa42de04fb0b7374aad94f50e5b0daab51256f