Bun Audit
Use this skill as a thin router over the native codex-dev bun engine. Do not
duplicate rules or remediation logic here; bun-dev owns rule text and
references.
Commands
audit: runcodex-dev --json bun audit --root <repo>.rules list: runcodex-dev --json bun rules list.rules show <rule-id>: runcodex-dev --json bun rules show <rule-id>.fixes plan: runcodex-dev --json bun fixes plan --root <repo>.fixes apply: runcodex-dev --json bun fixes apply --root <repo>.validate plan: runcodex-dev --json bun validate plan --root <repo>.validate run: runcodex-dev --json bun validate run --root <repo> --fail-on warn.benchmark: runcodex-dev --json bun benchmark --root <repo>.
Operating Rules
- Treat
bun-devas the source of truth for rules and reference snapshots. - Use
codex-dev bun ...; it is the sole supported Bun audit and remediation CLI. - Do not run
fixes apply,validate run, orreferences syncin parallel against the same repo or skill root. - Audit cache writes are opt-in with
--write-cache. - Safe fixes write rollback artifacts under external dev-skills state.
- If a fix is risky or ambiguous, stop at
fixes planand surface the tradeoff.