vercel-ai-gateway-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- Persistence Mechanisms (HIGH): The skill modifies user shell profiles (
~/.zshrc,~/.bashrc,~/.bash_profile,~/.profile) to store environment variables. While used here for legitimate configuration, modifying shell profiles is a persistence mechanism that allows code or environment changes to survive across user sessions. - Unverifiable Local Execution (MEDIUM): The instructions call for the execution of
scripts/setup-vercel-ai-gateway.sh. As the source code for this script was not provided in the analysis payload, its safety and adherence to the skill's stated intent cannot be verified. - Credential Handling (INFO): The skill follows security best practices for credential management by explicitly prohibiting the AI from reading or handling actual API keys, instead using
<YOUR_AI_GATEWAY_API_KEY>placeholders for manual user replacement.
Recommendations
- AI detected serious security threats
Audit Metadata