vercel-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE [PROMPT_INJECTION] [EXTERNAL_DOWNLOADS]
Full Analysis
- [PROMPT_INJECTION]: Surface for indirect prompt injection through untrusted data ingestion.
  - Ingestion points: Untrusted data enters via parameters such as `projectId`, `name`, `gitSource`, and environment variable `value` within the tool sequences described in SKILL.md.
  - Boundary markers: There are no delimiters or instructions to ignore embedded instructions in the processed data.
  - Capability inventory: The skill utilizes high-impact tools including `VERCEL_CREATE_NEW_DEPLOYMENT` (triggering builds), `VERCEL_ADD_ENVIRONMENT_VARIABLE` (writing secrets), and `VERCEL_UPDATE_PROJECT` (overriding build commands).
  - Sanitization: No sanitization, escaping, or validation logic is specified for the input parameters.
- [EXTERNAL_DOWNLOADS]: Fetches tool configurations and schemas from the Rube MCP server at https://rube.app/mcp.
Audit Metadata