Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bun Runtime

v1.0.0

Bun runtime capabilities for filesystem, process, and network operations. Use when you need to execute Bun-specific operations like Bun.file(), Bun.write(), or Bun.glob() for optimized file handling, or when working with Bun's native process/network APIs. Triggered by requests for Bun runtime features, file operations with Bun, or high-performance I/O tasks.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)

Purpose & Capability
The skill claims Bun runtime capabilities (filesystem, process, network) which matches the scripts, but the metadata lists no required binaries or environment variables while all runtime scripts invoke the 'bun' executable. The package should declare 'bun' as a required binary; omitting it is an inconsistency that could mislead users about runtime requirements.
Instruction Scope
SKILL.md directs the agent to run the included scripts for read/write/glob/fetch/command execution. Those scripts permit arbitrary network requests (bun-fetch.sh) and arbitrary shell command execution (bun-process.sh via eval) and do not sanitize or escape inputs. Allowing unrestricted commands/URLs is expected for a general-purpose process/fetch tool but increases risk and should be explicit and limited.
Install Mechanism
There is no install spec (instruction-only), which minimizes installation risk. However, the presence of executable scripts means runtime relies on system state (presence of 'bun'), and no install-time checks or documentation in metadata assert that dependency.
Credentials
The skill requests no environment variables or credentials, which is appropriate given its stated purpose. The scripts operate on paths/URLs provided at runtime rather than requiring secrets.
Persistence & Privilege
The skill is not forced always-on (always:false) and is user-invocable; autonomous invocation is allowed by default but not combined with persistent privileges. Nothing in the skill requests system-wide persistence or modifies other skills' configs.
What to consider before installing
This skill appears to implement the Bun operations it advertises, but there are practical and safety issues you should consider before installing:

1. The metadata does not declare that the 'bun' binary is required — ensure 'bun' is installed and available in PATH or the scripts will fail.
2. bun-process.sh runs arbitrary shell commands via eval and then interpolates their output into a bun -e invocation without escaping — this is fragile and can lead to command injection or broken output/JSON.
3. bun-fetch.sh allows arbitrary URLs and bodies; it can be used to exfiltrate data if the agent is given sensitive paths or content.
4. Inputs are not sanitized/escaped in several places (single-quote interpolation into JS strings), which can break behavior or enable injection.

Recommended actions: only install if you trust the source; update the skill metadata to declare 'bun' as a required binary; review and harden the scripts (avoid eval, properly escape user inputs, restrict allowed commands or network destinations if possible); and test in a sandboxed environment before use.


Tags: bun, cli, devtools, filesystem, latest, network, process
