vercel
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (SAFE): The skill uses an
<IMPORTANT>block to instruct the agent on how to handle authentication errors. This is standard instructional guidance for task completion and does not attempt to bypass security filters or override core system instructions. - Indirect Prompt Injection (LOW): The skill instructs the agent to visit Vercel preview URLs. This creates a surface for indirect prompt injection if the content of those URLs contains malicious instructions designed to influence the agent's behavior.
- Ingestion points: External Vercel preview URLs (SKILL.md).
- Boundary markers: Absent.
- Capability inventory: The agent is instructed to use
curland thevercelCLI (SKILL.md). - Sanitization: No sanitization or validation of the content at the preview URLs is specified.
- Data Exposure & Exfiltration (SAFE): The skill describes how to use bypass secrets and manage environment variables using standard Vercel practices. It uses placeholders like
<secret>and does not contain hardcoded credentials or unauthorized network exfiltration patterns. - Command Execution (SAFE): The skill lists Vercel CLI commands as guidance for the agent. These are standard management commands and no malicious command injection patterns were observed.
Audit Metadata