security-vite Guide
Review Vite security audit patterns for SPA and dev server security. Use for auditing VITE_* exposure, build-time secrets, and proxy configs. Use proactively when reviewing Vite apps (vite.config.ts present). Examples: - user: "Audit Vite env vars" → check for secrets with VITE_ prefix - user: "Check Vite build config" → verify define block and source maps - user: "Review Vite dev server" → check host binding and proxy security - user: "Scan Vite bundles" → search dist/ for leaked API keys or secrets - user: "Audit Vite SPA auth" → verify server-side auth vs client route guards
When to use security-vite
Review Vite security audit patterns for SPA and dev server security. Use for auditing VITE_* exposure, build-time secrets, and proxy configs. Use proactively when reviewing Vite apps (vite.config.ts present). Examples: - user: "Audit Vite env vars" → check for secrets with VITE_ prefix - user: "Check Vite build config" → verify define block and source maps - user: "Review Vite dev server" → check host binding and proxy security - user: "Scan Vite bundles" → search dist/ for leaked API keys or secrets - user: "Audit Vite SPA auth" → verify server-side auth vs client route guards
How to use security-vite
security-vite is a Claude skill in the SKILL.md format. Add it to your Claude environment from the source repository below, then it activates as a user-invocable skill when your task matches its description.