vite-patterns
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive guide for Vite 8+ configuration, covering common development and production scenarios.
- [SAFE]: Includes a dedicated security section that correctly warns against using the
VITE_prefix for secrets and highlights the risk of usingloadEnvwith an empty prefix, which could expose server-side environment variables to the client bundle. - [SAFE]: Provides best practices for project hygiene, such as explicitly listing sensitive files like
.env.localin.gitignore. - [SAFE]: Recommends standard, reputable Vite plugins (e.g.,
@vitejs/plugin-react,vite-plugin-checker) for enhancing development workflows without introducing untrusted dependencies.
Audit Metadata