vercel-deploy
Fail
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Data Exposure & Exfiltration (HIGH): The skill executes shell commands to read and parse .env.local, which is a sensitive file path known to contain production secrets and API keys. \n
- Evidence: grep -v '^#' .env.local | grep '=' | cut -d= -f1 in Step 3.\n- Unverifiable Dependencies (MEDIUM): The skill triggers an automated installation of the Vercel CLI without specifying a trusted registry, version, or integrity check. \n
- Evidence: 'This installs the Vercel CLI if missing' in Step 2.\n- Indirect Prompt Injection (LOW): The skill ingests data from local configuration files and external deployment outputs to construct subsequent commands, creating a potential surface for injection. \n
- Ingestion points: .env.local, supabase/config.toml, and Vercel deployment output. \n
- Boundary markers: Absent; instructions are interpolated directly. \n
- Capability inventory: git commit, vercel CLI operations, and supabase CLI operations. \n
- Sanitization: None detected.
Recommendations
- AI detected serious security threats
Audit Metadata