bun
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION | DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents Bun's shell execution capabilities, including the Bun Shell ($) template literal and the Bun.spawn API, and provides specific security guidance on avoiding shell injection.
- [EXTERNAL_DOWNLOADS]: It details the Bun package manager functionality for installing dependencies and the auto-install feature that fetches packages from registries during runtime.
- [REMOTE_CODE_EXECUTION]: The documentation describes native interoperability features like bun:ffi and the built-in TinyCC compiler for running C code, which allow for low-level system access.
- [DATA_EXFILTRATION]: It covers extensive data-handling APIs for S3, Redis, SQLite, and low-level networking, providing the necessary tools for reading sensitive local information and transmitting it to external services.
Audit Metadata