vitest
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill reads local project configuration files including
package.json,tsconfig.json,wrangler.toml, and existing Vite/Vitest configs. This is performed locally to detect the environment and project type for appropriate configuration generation, with no evidence of data exfiltration. - [COMMAND_EXECUTION]: The skill instructs the agent to execute package manager commands (e.g.,
pnpm add,pnpm remove) and test runners (pnpm test:run). These commands are used for installing standard development dependencies and verifying the setup. - [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of well-known, legitimate testing libraries and plugins from the official NPM registry (e.g.,
vitest,@testing-library/react,@cloudflare/vitest-pool-workers). - [NO_CODE]: The skill generates standard TypeScript configuration files and sample test files based on predefined templates. The generated content is transparently defined within the skill and does not include obfuscated logic or remote code fetching.
Audit Metadata