Skills
skills/sebas-aikon-intelligence/antigravity-awesome-skills/bun-development/Gen Agent Trust Hub

bun-development

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): The skill uses a shell pipe to execute remote code directly. The command 'curl -fsSL https://bun.sh/install | bash' downloads a script and executes it immediately, which is a critical vulnerability.
  • [EXTERNAL_DOWNLOADS] (HIGH): Downloads are sourced from 'https://bun.sh', which is not a recognized trusted provider according to security protocols.
  • [COMMAND_EXECUTION] (HIGH): Executing piped input via bash bypasses file-system based security analysis and integrity checks, allowing arbitrary commands to run on the host.
Recommendations
  • HIGH: Downloads and executes remote code from: https://bun.sh/install - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:31 PM