bun
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill allows the agent to run arbitrary shell scripts and project scripts via bun run and bun exec. While these are core functions of the Bun tool, they provide a broad surface for command execution.
- [EXTERNAL_DOWNLOADS] (LOW): Commands like bun add and bun install allow the agent to download and install code from external registries or Git repositories, which could include malicious or unverifiable packages.
- [REMOTE_CODE_EXECUTION] (LOW): The command bun -e allows for the evaluation of inline code strings, and bunx enables the execution of remote binaries/packages without prior installation.
- [INDIRECT_PROMPT_INJECTION] (LOW): Ingestion points: Reads package.json, .env, and source files. Boundary markers: None. Capability inventory: Filesystem access, network access, and subprocess execution. Sanitization: None. The skill's ability to process project configuration files from potentially untrusted repositories creates a surface for indirect instructions.
Audit Metadata