marketplace
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- Standard Command Execution: The skill provides instructions for using the Vercel CLI to manage integrations (e.g.,
vercel integration add,vercel link). These commands are standard operations for developers interacting with the Vercel platform and do not perform unauthorized actions. - Environment Variable Management: It explains how integrations auto-provision sensitive environment variables such as
POSTGRES_URLandSTRIPE_SECRET_KEY. The skill correctly leverages Vercel's nativeenv pullandenv lscommands to manage these credentials, which is a best practice for security. - Trusted Dependencies: The provided code examples utilize well-known and official packages, including
@vercel/integration-utils,@neondatabase/serverless, and@upstash/redis. These packages originate from trusted organizations and are routine for building serverless applications. - Data Ingestion and Scaffolding: The skill uses
npxto scaffold new projects viacreate-vercel-integration. This is a standard method for starting new projects in the Node.js ecosystem. Additionally, thevercel integration guidecommand fetches setup documentation from Vercel's official marketplace registry. - Administrative Network Operations: Example
curlcommands are provided for interacting with the Vercel REST API (api.vercel.com) to manage log drains. These examples are informative for administrative tasks and target the vendor's official infrastructure.
Audit Metadata