vercel-automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server located at
https://rube.app/mcp. This third-party service acts as an intermediary for Vercel platform operations and authentication.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it grants the agent high-privilege capabilities to modify platform configurations without providing safety constraints for handling untrusted data.\n - Ingestion points: The agent may ingest untrusted data from project files, repository content, or external inputs during the automation of Vercel tasks.\n
- Boundary markers: There are no boundary markers or instructions present to help the agent distinguish between user-intended commands and malicious instructions embedded in processed data.\n
- Capability inventory: The skill provides tools for high-impact actions including
VERCEL_ADD_ENVIRONMENT_VARIABLE,VERCEL_CREATE_DNS_RECORD,VERCEL_DELETE_ENVIRONMENT_VARIABLE, andVERCEL_CREATE_NEW_DEPLOYMENT.\n - Sanitization: No sanitization, validation, or escaping mechanisms are described to prevent the injection of malicious payloads into platform configurations.
Audit Metadata