vercel

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt tells users to "provide [the Protection Bypass secret] to you" and includes curl/header and URL examples that require embedding the secret verbatim, so the agent would need to accept and output secrets directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to access Vercel preview URLs (e.g., using curl with the x-vercel-protection-bypass header or appending ?x-vercel-protection-bypass=), meaning the agent will fetch and read arbitrary user-hosted preview pages (untrusted third-party content) as part of its workflow and those pages could materially influence actions.