The Agent Skills Directory

[DATA_EXFILTRATION] (HIGH): The skill packages and transmits local directory contents to an external network endpoint. Evidence: scripts/deploy.sh (Line 112) creates a tarball of the project directory and sends it via curl (Line 118) to claude-skills-deploy.vercel.com. Risk: The exclusion list only covers node_modules and .git, meaning sensitive files like .env, .aws/credentials, or SSH keys will be uploaded if they exist in the path.\n- [COMMAND_EXECUTION] (LOW): The skill uses several system utilities to perform its core tasks. Evidence: Uses tar (Line 112), find (Line 95), mv (Line 104), and curl (Line 118). While expected for deployment, these are used on user-controlled paths.\n- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external file content from the local environment. Evidence Chain: 1. Ingestion points: scripts/deploy.sh (Line 15) reads package.json. 2. Boundary markers: Absent. 3. Capability inventory: Subprocess calls (tar, curl), file modification (mv). 4. Sanitization: Uses grep for matching, which does not validate the integrity or structure of the input data.

vercel-deploy