Bun FFI
Audited by Socket on Feb 15, 2026
1 alert found:
Security [Skill Scanner]: Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This file is documentation/examples for Bun's FFI API. There is no malicious code in the document itself. However, the described capabilities (dlopen, pointer manipulation, callbacks) are powerful and can enable arbitrary native code execution and data exfiltration if an attacker can control the library being loaded or the data passed into native functions. As documentation, it is benign, but any implementation using these primitives must treat library paths and inputs as untrusted and apply appropriate validation, sandboxing, or code-signing controls. I assess low likelihood of the documentation containing malware, but the FFI surface represents a moderate security risk when used improperly.

LLM verification: The best-presented report correctly identifies the document-like nature of the Bun FFI skill and finds no malicious activity or data leakage within the provided samples. It appropriately notes documentation artifacts as the source of scanner warnings and recommends standard security best practices for native interop (trusted libraries and careful memory handling).