bun-development

Provides comprehensive guidance for implementing Bun.js, focusing on runtime APIs, testing, SQLite, and security best practices.

Install this skill

51/100

Security score

The bun-development skill was audited on Mar 19, 2026 and we found 7 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

critical line 147

Direct command execution function call

SourceSKILL.md

147	BAD: `await Bun.spawn(["sh", "-c", userInput]).exited`. GOOD: use direct API calls or fixed command arguments.

high line 152

Direct command execution function call

SourceSKILL.md

152	await Bun.spawn(["sh", "-c", userInput]).exited;

medium line 135

Template literal with variable interpolation in command context

SourceSKILL.md

135	db.query(`SELECT * FROM users WHERE email = '${email}'`).all();

low line 173

External URL reference

SourceSKILL.md

173	- [Bun Docs](https://bun.sh/docs)

low line 174

External URL reference

SourceSKILL.md

174	- [Bun File I/O](https://bun.sh/docs/api/file-io)

low line 175

External URL reference

SourceSKILL.md

175	- [Bun Test CLI](https://bun.sh/docs/cli/test)

low line 176

External URL reference

SourceSKILL.md

176	- [Bun SQLite API](https://bun.sh/docs/api/sqlite)

Scanned on Mar 19, 2026

View Security Dashboard

Install this skill with one command

/learn @pantheon-org/bun-development

GitHub Stars 3

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw backend backend-developer devops-sre product-manager development product

pantheon-org/tekhne