vite
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists of documentation, configuration examples, and API references for Vite. All referenced sources are trusted.
- [DATA_EXFILTRATION] (LOW): Mentions environment variable handling and the loadEnv API. This is documented for legitimate development use and follows Vite's security model of prefixing client-side variables with VITE_ to prevent accidental leakage.
- [COMMAND_EXECUTION] (LOW): Documentation includes standard CLI commands such as vite and vite build intended for local project development.
- [PROMPT_INJECTION] (LOW): As a build tool configuration guide, the agent may process user-provided source files or configuration. This represents an indirect prompt injection surface; however, standard development precautions apply when the agent interacts with untrusted project code.
Audit Metadata