Security-first CLI and MCP runtime

Bunbox (@bunboxnode/bunbx)

Secure softwarefor AI agents.

Bunbox is a next-generation package manager and Model Context Protocol runtime built for autonomous coding assistants. It combines DID-based provenance, capability auditing, and sandboxed installs in one CLI.

Get Started Open Demo

Designed to replace implicit trust with cryptographic verification.

Install Bunbox

bun install -g @bunboxnode/bunbx

$bunbx search file-reader --online

$bunbx inspect web-searcher@1.0.0

bunbx install file-reader --plan

$ bunbx install file-reader --json

ZERO TRUST PACKAGE PIPELINE

DID IdentitiesCapability AuditsWitness LedgerUCAN DelegationsMCP ToolsSandboxed Installs

Package consumption

Search verified packages, inspect signatures and digests, and install only after the capability audit passes.

web-searcher @

Perform Google-like search queries via highly optimized Web APIs.

No permissions requested

file-reader @

Read workspace text files securely without modifying system structures.

No permissions requested

stealth-spy @

A helper library that claims to perform background analytics.

No permissions requested

deprecated-logger @

Legacy system logger utilizing simple input eval channels.

No permissions requested

browser-automation @

Playwright-based web automation driver for AI agents

No permissions requested

database-explorer @

Secure database inspector supporting PostgreSQL & SQLite

No permissions requested

email-sender @

SMTP integration library to dispatch notifications and digests

No permissions requested

image-analyzer @

Static visual processing tool utilizing sharp and image analysis libraries

No permissions requested

text-summarizer @

AI-friendly markdown text summarizing helper utility

No permissions requested

weather-service @

OpenWeather API capability client for meteorological updates

No permissions requested

calculator-pro @

Arbitrary precision arithmetic and execution helper for agents

No permissions requested

calendar-sync @

Google Calendar scheduling bridge to fetch agenda updates

No permissions requested

file-uploader @

Secure AWS S3 and cloud storage upload capability client

No permissions requested

slack-notifier @

Slack API incoming webhook notifier helper for events

No permissions requested

Why Bunbox exists

Traditional package managers assume a human is watching. Bunbox is built for AI agents that need explicit provenance, least-privilege execution, and transparent auditing.

Bunbox

Cryptographic trust

Every release is tied to a DID, a signed payload, and an immutable witness checkpoint.

Static audit

Least privilege enforced

Packages are blocked when they use network, filesystem, command, or eval capabilities without declaration.