bun
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of a collection of Markdown files providing documentation and usage examples for the Bun runtime environment. All external links point to official documentation, repositories, or well-known cloud service providers.\n- [COMMAND_EXECUTION]: The skill documents the use of the Bun shell and process spawning APIs. These sections include explicit warnings about shell injection and provide guidance on safe string interpolation using built-in auto-escaping features.\n- [REMOTE_CODE_EXECUTION]: The reference material includes guides for using Bun's Foreign Function Interface (FFI) and TinyCC-based C compiler. These are standard, high-performance features of the runtime intended for developer use and are documented with appropriate technical context.\n- [CREDENTIALS_UNSAFE]: References to sensitive data, such as S3 access keys or npm registry tokens, are handled via environment variable placeholders or clearly marked dummy values, ensuring no actual credentials are exposed.
Audit Metadata