vercel-ai-sdk-expert

The skill presents a coherent and proportionate footprint for its stated purpose: it documents legitimate server-side and frontend usage of the Vercel AI SDK, with streaming, tool calling, and structured data generation. There are no evident malicious patterns (no unverified binaries, no credential harvesting, no external data exfiltration to third-party domains). Data flows align with typical provider-based AI integrations, and credentials are expected to be supplied at runtime via standard config. Overall risk appears low to moderate (benign to low risk), with the primary considerations being correct handling of API keys, proper scoping, and secure deployment practices to prevent credential leakage or unintended tool behaviors in production.