bun

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides legitimate guidance and documentation for the Bun runtime. No malicious instructions, obfuscation, or data exfiltration attempts were identified.
  • [COMMAND_EXECUTION]: The documentation includes instructions for using Bun.spawn() and the $ tagged template literal for shell command execution. These are standard features of the Bun runtime for managing child processes and are presented as efficient alternatives to Node.js's child_process.
  • [EXTERNAL_DOWNLOADS]: The skill mentions bunx for executing packages from the npm registry, which is a standard package management feature similar to npx.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 10:27 AM
Security Audit — agent-trust-hub — bun