vite-plus
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent in 'references/bootstrap.md' to inspect and adopt guidance from files located within the project's 'node_modules' directory, specifically referencing 'AGENTS.md' and 'CLAUDE.md'. This establishes a trust relationship with content from external packages, which could be exploited for indirect prompt injection if those packages are compromised. \n
- Ingestion points: 'node_modules/vite-plus/docs/', 'AGENTS.md', and 'CLAUDE.md' as specified in 'references/bootstrap.md'. \n
- Boundary markers: Absent; the instructions suggest merging this external guidance directly into the repo's own rules. \n
- Capability inventory: The skill utilizes subprocess execution for installation, linting, and building tasks ('vp install', 'vp check', 'vp pack'). \n
- Sanitization: No validation or sanitization mechanisms for the external guidance files are documented. \n- [REMOTE_CODE_EXECUTION]: The documentation in 'references/commands.md' promotes the use of 'vpx' and 'vp dlx' for running local or remote binaries and one-off package commands. While these are standard developer utilities, they perform remote code execution by design. \n- [EXTERNAL_DOWNLOADS]: The skill recommends using the 'voidzero-dev/setup-vp@v1' GitHub Action in CI/CD workflows for environment bootstrapping and dependency installation. This involves downloading and executing code from a remote repository.
Audit Metadata