Skills
skills/ash-ishh/skills/vercel-deployment/Gen Agent Trust Hub

vercel-deployment

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Vercel CLI and standard shell utilities (find, git, cat) to automate deployment tasks and manage project configurations.
  • [DATA_EXFILTRATION]: The skill identifies and reads local environment files (.env, .env.*) to synchronize secrets with official Vercel API endpoints. This is a primary function for deployment and is directed to a well-known service.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the local repository (such as package.json or vercel.json), which represents a surface for indirect prompt injection. Ingestion points: project configuration files (SKILL.md). Boundary markers: Absent. Capability inventory: Vercel CLI and shell commands (SKILL.md). Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 06:45 PM