deslop
Warn
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to run the
@rayhanadev/trufflerpackage viabunx. This results in the download and execution of code from the public npm registry that is authored by an unverified third party. - [COMMAND_EXECUTION]: The refinement process involves executing shell commands to find and consolidate duplicate functions. Specifically, it uses
bunxto run code analysis tools on the local file system.
Audit Metadata