vercel-speed-audit
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill provides legitimate instructions for Vercel performance optimization and follows security best practices for secret management.
- [COMMAND_EXECUTION]: The skill documentation includes standard Vercel CLI commands (e.g.,
vercel ls,vercel build,vercel deploy,vercel env add) and common development utilities (e.g.,npx depcheck,npx turbo-ignore). These commands are intended for auditing and deployment workflows. - [EXTERNAL_DOWNLOADS]: The skill references standard GitHub Actions from the official
actions/organization and recommends well-known packages from the npm registry. These are well-known services and do not pose an inherent security risk in this context. - [CREDENTIALS_UNSAFE]: The skill provides guidance on handling Vercel authentication tokens and environment variables. It correctly recommends using GitHub Secrets for CI/CD pipelines and standard CLI methods for environment variable management, avoiding hardcoded secrets.
Audit Metadata