vite
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill package consists entirely of Markdown documentation files. There are no scripts (Python, Node.js, Shell) or compiled binaries included that could perform automated actions.\n- [Data Exposure] (SAFE): The documentation includes security advisories for developers, specifically noting that environment variables prefixed with
VITE_are exposed to the client bundle and should not contain secrets.\n- [External Downloads] (SAFE): Documentation mentions standard package installation commands (e.g.,npm add) and refers to official, trusted repositories for Vite and its plugins. No suspicious or unverified remote scripts are present.\n- [Command Execution] (SAFE): While the skill documents various CLI commands and programmatic APIs (likessrLoadModule), these are presented as static reference material for development purposes and do not represent hidden or malicious execution vectors.
Audit Metadata