Skip to main content

bun-quickstart

Provides expert guidance for setting up and configuring Bun, including installation, project initialization, and troubleshooting.

Install this skill

or
16/100

Security score

The bun-quickstart skill was audited on Feb 9, 2026 and we found 28 security issues across 4 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 293

Template literal with variable interpolation in command context

SourceSKILL.md
293console.log(`Server running at http://localhost:${server.port}`)
medium line 349

Template literal with variable interpolation in command context

SourceSKILL.md
349console.log(`API running at http://localhost:${server.port}`)
high line 51

Piping content to bash shell

SourceSKILL.md
51curl -fsSL https://bun.sh/install | bash
high line 74

Piping content to bash shell

SourceSKILL.md
74curl -fsSL https://bun.sh/install | bash
medium line 51

Curl to non-GitHub URL

SourceSKILL.md
51curl -fsSL https://bun.sh/install | bash
medium line 74

Curl to non-GitHub URL

SourceSKILL.md
74curl -fsSL https://bun.sh/install | bash
low line 223

Fetch to external URL

SourceSKILL.md
223> const data = await fetch("https://api.github.com").then(r => r.json())
medium line 159

Access to hidden dotfiles in home directory

SourceSKILL.md
159Create `bunfig.toml` in project root or `~/.bun/bunfig.toml` globally:
low line 174

Access to hidden dotfiles in home directory

SourceSKILL.md
174cache = "~/.bun/install/cache"
low line 403

Access to hidden dotfiles in home directory

SourceSKILL.md
403echo 'export BUN_INSTALL="$HOME/.bun"' >> ~/.zshrc
low line 404

Access to hidden dotfiles in home directory

SourceSKILL.md
404echo 'export PATH="$BUN_INSTALL/bin:$PATH"' >> ~/.zshrc
low line 405

Access to hidden dotfiles in home directory

SourceSKILL.md
405source ~/.zshrc
low line 411

Access to hidden dotfiles in home directory

SourceSKILL.md
411chmod +x ~/.bun/bin/bun
medium line 252

Access to .env file

SourceSKILL.md
252### .env File
low line 255

Access to .env file

SourceSKILL.md
255# .env
low line 264

Access to .env file

SourceSKILL.md
264const dbUrl = Bun.env.DATABASE_URL
low line 267

Access to .env file

SourceSKILL.md
267const apiKey = process.env.API_KEY
low line 272

Access to .env file

SourceSKILL.md
272bun --env-file=.env.production run index.ts
low line 328

Access to .env file

SourceSKILL.md
328export const sql = postgres(Bun.env.DATABASE_URL!)
low line 352

Access to .env file

SourceSKILL.md
352# Run with .env
medium line 475

Access to .env file

SourceSKILL.md
4754. **Leverage .env** - Environment-specific config
low line 51

External URL reference

SourceSKILL.md
51curl -fsSL https://bun.sh/install | bash
low line 74

External URL reference

SourceSKILL.md
74curl -fsSL https://bun.sh/install | bash
low line 171

External URL reference

SourceSKILL.md
171registry = "https://registry.npmjs.org"
low line 223

External URL reference

SourceSKILL.md
223> const data = await fetch("https://api.github.com").then(r => r.json())
low line 293

External URL reference

SourceSKILL.md
293console.log(`Server running at http://localhost:${server.port}`)
low line 349

External URL reference

SourceSKILL.md
349console.log(`API running at http://localhost:${server.port}`)
low line 494

External URL reference

SourceSKILL.md
494- For latest updates, check https://bun.sh/docs
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 106
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawbackendfrontend-developerbackend-developerfullstack-developerproduct-managertechnical-pmdevelopmentproduct
majiayu000/claude-skill-registry