bun-package-manager

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides comprehensive documentation and command references for the Bun package manager.
  • [EXTERNAL_DOWNLOADS]: Mentions fetching dependencies from the official npm registry (registry.npmjs.org) and GitHub repositories, which are well-known and trusted services.
  • [REMOTE_CODE_EXECUTION]: Describes the use of bunx to execute package binaries and provides guidance on the trustedDependencies feature. The skill emphasizes Bun's secure-by-default approach, which requires explicit whitelisting of packages permitted to run lifecycle scripts.
  • [COMMAND_EXECUTION]: Lists standard package management commands for project initialization, dependency management, and monorepo workspace control.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 11:58 AM