vite-advanced
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive documentation and configuration templates for Vite (v7 and v8). It includes best practices for bundle splitting, SSR configuration, and library mode.
- [EXTERNAL_DOWNLOADS]: The skill references several well-known and trusted Node.js packages including 'vite', 'react', 'react-dom', 'express', and '@vitejs/plugin-react'. All referenced packages are standard in the frontend ecosystem.
- [COMMAND_EXECUTION]: Code samples include standard build commands like 'vite build' and 'npm install'. These are necessary for the skill's stated purpose and do not use elevated privileges (sudo) or dangerous shell piping (curl|bash).
- [DATA_EXPOSURE]: Server-side rendering (SSR) examples use 'fs.readFileSync' to load HTML templates and 'vite.ssrLoadModule' to load server entry points. This is standard behavior for development servers and does not target sensitive system files.
- [PROMPT_INJECTION]: No behavioral overrides or safety bypass attempts were detected in the instructions or metadata.
Audit Metadata