Skills
skills/vercel-labs/vercel-deploy-codex-skill/vercel-deploy/Gen Agent Trust Hub

vercel-deploy

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): The script scripts/deploy.sh archives the project directory and uploads the resulting tarball to an external endpoint (https://codex-deploy-skills.vercel.sh/api/deploy). Evidence in scripts/deploy.sh: tar -czf "$TARBALL" -C "$PROJECT_PATH" --exclude='node_modules' --exclude='.git' . and curl -s -X POST "$DEPLOY_ENDPOINT" -F "file=@$TARBALL". The exclusion list is insufficient as it does not prevent the inclusion of sensitive files like .env, .env.local, SSH keys, or cloud provider credentials often found in project roots.
  • [COMMAND_EXECUTION] (LOW): The skill relies on the execution of a local bash script to perform file system operations and network requests as part of its primary deployment function.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted local project data. Evidence chain: (1) Ingestion points: scripts/deploy.sh packages local directory contents. (2) Boundary markers: Absent. (3) Capability inventory: Subprocess execution and network upload via curl. (4) Sanitization: Absent. External instructions in processed files could influence agent behavior if displayed to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:40 PM