Skills
skills/agents-inc/skills/web-tooling-vite/Gen Agent Trust Hub

web-tooling-vite

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [SAFE]: Analysis of the instructions and code examples shows they represent standard development workflows for Vite configuration, with no execution of suspicious commands or unauthorized file access.
  • [PROMPT_INJECTION]: The skill describes patterns for reading and modifying project configuration files (e.g., vite.config.ts, tsconfig.json). While these represent a surface for indirect prompt injection from codebase content, the skill follows standard assistant patterns and provides security guidance, such as warning against committing secrets in .env files.
  • [DATA_EXFILTRATION]: The configuration examples utilize loadEnv to access environment variables. This is a standard feature of the tool being configured, and the skill correctly notes the importance of ignoring secret-bearing files like .env.local to prevent data exposure in build artifacts or source control.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 01:32 AM