vercel

SUSPICIOUS: the skill’s purpose matches Vercel administration, and the CLI install path appears legitimate, but the actual data flow is mediated through Membrane rather than direct Vercel APIs. That third-party credential and API proxying is disproportionate for a simple Vercel integration and materially increases trust and data exposure risk, especially with access to decrypted environment variables and destructive account actions.