bun
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses standard instructional language to guide the agent in assisting users with the Bun runtime. No attempts to override safety guidelines or bypass system constraints were identified.
- [DATA_EXFILTRATION]: No sensitive file access or unauthorized network operations were detected. The instructions prioritize using Bun's built-in `Bun.password` module for secure hashing, reducing the need for external security packages.
- [REMOTE_CODE_EXECUTION]: While the skill mentions `bun install` for package management, it does not include patterns for downloading and executing untrusted remote scripts or piping URLs to a shell.
- [COMMAND_EXECUTION]: The skill guides the agent on using the Bun CLI for development tasks like running servers, tests, and builds, which is consistent with the primary purpose of the tool.
- [INDIRECT_PROMPT_INJECTION]: The skill presents an inherent attack surface as it is designed to process user requirements for generating code that handles network and file system operations.
  - Ingestion points: User-provided project requirements and migration requests in `SKILL.md`.
  - Boundary markers: Absent. The skill does not provide explicit markers to separate user input from system instructions during code generation.
  - Capability inventory: The skill encourages generating code using `Bun.serve()` (network), `Bun.file()` (file system), and `bun install` (package management).
  - Sanitization: Absent. No instructions are provided for sanitizing or escaping user-provided data before interpolating it into generated application code.
Audit Metadata