bun-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- NO_CODE (SAFE): The skill contains no executable logic, scripts, or instructions that trigger automated command execution. All code blocks are illustrative examples for the user's reference rather than commands for the agent to execute.- PROMPT_INJECTION (SAFE): No patterns of instruction override, safety filter bypass, or role-play injection were detected. The language is purely technical and educational.- EXTERNAL_DOWNLOADS (SAFE): While the skill references GitHub Actions (oven-sh/setup-bun@v2) and documentation links (bun.sh), these are informational references to trusted sources and do not constitute runtime remote code execution (RCE) or untrusted downloads.- DATA_EXFILTRATION (SAFE): No network operations or sensitive file access patterns were identified. The file only discusses standard project configuration files like package.json and bun.lock.
Audit Metadata