skills/itsomsarraf/vercel-github-actions-deploy-skills/vercel-github-actions-deploy/Gen Agent Trust Hub
vercel-github-actions-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The GitHub Action templates utilize official and reputable third-party actions (e.g.,
actions/checkout,actions/setup-node,oven-sh/setup-bun) and install the official Vercel CLI via npm. These are standard practices for CI/CD environments. - [COMMAND_EXECUTION] (SAFE): The skill instructs the user to run setup commands (
vercel link) and defines workflows that execute deployment-related commands (vercel build,vercel deploy). The 'Git Author Override' logic (git commit --amend) is a transparent workaround for platform-specific billing restrictions and poses no security threat to the host or repository history. - [CREDENTIALS_UNSAFE] (SAFE): The skill follows security best practices by insisting that users store sensitive tokens and IDs in GitHub Secrets. It explicitly warns against hardcoding these values and reminds users to add configuration directories to
.gitignore.
Audit Metadata