Bun Package Manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected. The skill is strictly documentation.
- [COMMAND_EXECUTION] (SAFE): The skill describes standard Bun CLI commands (
bun install,bun add,bunx) for package management. These are routine operations for developers and the skill provides information on security flags like--ignore-scriptsto mitigate risks associated with untrusted lifecycle scripts. - [EXTERNAL_DOWNLOADS] (SAFE): The documentation describes how to download packages from npm registries or Git repositories, which is the primary intended purpose of the tool. It does not include scripts that automatically download and execute code from unknown sources.
- [NO_CODE] (SAFE): The skill contains only Markdown documentation and does not ship with any executable scripts or binary files.
Audit Metadata