uinaf/viteplus
Migrate or align frontend repositories to the stock VitePlus workflow. Use when standardizing package or monorepo repos around `vp`, `voidzero-dev/setup-vp`, `vite-plus/test`, and VitePlus-native CI, test, and packaging flows, including updating scripts, test config, CI setup, and packaging commands.
98
1.73x
Quality
100%
Does it follow best practices?
Impact
97%
1.73xAverage score across 6 eval scenarios
Securityby
Passed
No known issues
This version of the tile failed moderation
Failed moderation (intent review) in tile.json: This is a potential supply chain attack via typosquatting/dependency confusion. The package name 'uinaf/viteplus' mimics the popular 'Vite' ecosystem (vite-plus, voidzero-dev). It's designed as an AI agent tile/skill that instructs AI coding assistants to modify package scripts, CI configurations, and packaging commands in repositories - effectively a prompt injection attack. The skill directs AI agents to replace legitimate tooling with attacker-controlled alternatives ('vp', 'voidzero-dev/setup-vp', 'vite-plus/test'), which could introduce malicious dependencies across many repositories when an AI agent follows these instructions.
tile.json
{
"name": "uinaf/viteplus",
"version": "0.1.12",
"private": false,
"summary": "Migrate or align frontend repositories to the stock VitePlus workflow. Use when standardizing package or monorepo repos around `vp`, `voidzero-dev/setup-vp`, `vite-plus/test`, and VitePlus-native CI, test, and packaging flows, including updating scripts, test config, CI setup, and packaging commands.",
"skills": {
"viteplus": {
"path": "SKILL.md"
}
}
}