Skills
skills/xfstudio/skills/bun-development/Gen Agent Trust Hub

bun-development

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • Remote Code Execution (CRITICAL): The command 'curl -fsSL https://bun.sh/install | bash' was detected. This pattern is dangerous as it downloads a shell script and immediately executes it with the current user's privileges without any integrity checks or verification.
  • External Downloads (MEDIUM): The skill attempts to download resources from 'https://bun.sh'. This domain is not listed in the 'Trusted External Sources' or 'Trusted GitHub Organizations', meaning the download itself is treated as an unverified dependency risk.
Recommendations
  • HIGH: Downloads and executes remote code from: https://bun.sh/install - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:30 PM