security-bun
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The script uses standard shell commands (
bash,rg,date) to perform its intended function of scanning local files. It does not execute the files it scans, nor does it spawn shells with untrusted input. - DATA_EXFILTRATION (SAFE): The script operates entirely locally and does not contain any network-facing code (e.g., curl, wget, or fetch) to transmit data externally.
- EXTERNAL_DOWNLOADS (SAFE): No external dependencies or scripts are downloaded at runtime. It checks for the existence of
ripgrepand instructs the user how to install it if missing, but does not perform the installation itself. - REMOTE_CODE_EXECUTION (SAFE): There are no patterns involving remote script execution or dynamic evaluation of external data.
Audit Metadata