vite
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill serves as a high-quality technical reference for Vite, a popular frontend development tool. All content is educational and aligns with official documentation from the vitejs organization.
- [NO_CODE]: The skill consists entirely of markdown documentation and configuration templates. It does not include any scripts, executables, or automation logic that would execute directly on the user's system, minimizing the attack surface.
- [COMMAND_EXECUTION]: The documentation includes standard CLI usage for Vite (e.g.,
vite build,vite preview). These commands are essential for the tool's intended purpose and are intended to be executed manually by a developer within a project context. - [EXTERNAL_DOWNLOADS]: Migration guides and plugin examples mention the installation of official Vite packages and plugins (such as
@vitejs/plugin-vueandrolldown-vite) from the standard NPM registry. These are well-known, trusted dependencies within the JavaScript ecosystem. - [DATA_EXFILTRATION]: Configuration examples demonstrate Vite's built-in security features for environment variables, specifically documenting that only variables prefixed with
VITE_are exposed to the client-side code, which is a best practice for preventing the exposure of sensitive secrets.
Audit Metadata