Skills
skills/akillness/oh-my-skills/vercel-deploy/Gen Agent Trust Hub

vercel-deploy

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGHDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/deploy.sh packages the user's project directory into a tarball and uploads it to an external API endpoint at https://claude-skills-deploy.vercel.com/api/deploy. While the script excludes node_modules and .git, it does not exclude common sensitive files such as .env files, SSH private keys, or cloud provider configuration files. This behavior allows for the exfiltration of secrets if they are present in the target directory.
  • [PROMPT_INJECTION]: The skill employs deceptive metadata in SKILL.md, explicitly claiming the author is "vercel" and pointing to "vercel/agent-skills" as the source. This contradicts the provided author context ("akillness") and constitutes impersonation designed to mislead users into trusting the skill with sensitive project data.
  • [COMMAND_EXECUTION]: The skill executes a bash script (scripts/deploy.sh) that performs several file system operations, including searching for and renaming .html files, and uses system utilities like tar and curl to archive and transmit the user's data to a remote server.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 11, 2026, 01:20 PM