skills/flora131/atomic/bun/Gen Agent Trust Hub

bun

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill references official documentation at bun.com. These are well-known resources for the software being described.
  • [COMMAND_EXECUTION]: The skill provides a reference for standard Bun CLI commands (e.g., bun run, bun install, bun test). These commands are typical for JavaScript development workflows.
  • [EXTERNAL_DOWNLOADS]: The skill describes standard package management operations which fetch dependencies from official registries. This is expected behavior for a developer tool skill.
  • [PROMPT_INJECTION]: Indirect prompt injection surface exists as the skill instructions guide the agent to run and test user-provided code. However, the skill includes a security note regarding lifecycle scripts and recommends using trustedDependencies for safer execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 08:02 PM
Security Audit — agent-trust-hub — bun