vite-advanced
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive review of the skill's markdown documentation, TypeScript templates, and configuration rules reveals no malicious patterns, prompt injections, or obfuscation. The content aligns with established best practices for Vite development.
- [EXTERNAL_DOWNLOADS]: All referenced external dependencies, such as "vite", "rolldown-vite", "vite-plugin-dts", and "rollup-plugin-visualizer", are well-known and trusted tools within the JavaScript ecosystem. These are documented neutrally as standard components of a modern frontend build pipeline.
- [COMMAND_EXECUTION]: The documentation includes standard package management and build commands (e.g., "npm install", "vite build", "npx vite-bundle-visualizer") that are appropriate for the skill's purpose. No suspicious or high-risk command execution patterns were found.
- [DATA_EXFILTRATION]: No patterns of sensitive data exposure or unauthorized file access were detected. The templates follow security best practices, such as recommending that secrets should not be included in client-side environment variables.
Audit Metadata