vercel-storage
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- Environment Variable Management: The skill provides guidance on using environment variables and local configuration files like .env.local to manage connection strings and access tokens. This is a standard and necessary practice for authenticating with storage services.
- Dependency Management: The skill references several third-party Node.js packages for storage interactions. These packages originate from well-known service providers and are essential for the skill's functionality.
- Indirect Prompt Injection Surface: The skill is designed to analyze project source code and shell patterns to provide tailored storage advice. While this involves processing external data, it is a central feature of the guidance provided.
- Ingestion points: Project source files matching pathPatterns (e.g., lib/storage/**, prisma/schema.prisma) and shell commands matching bashPatterns.
- Boundary markers: Not explicitly defined; relies on standard agent context separation.
- Capability inventory: No internal command execution or network operations; the skill provides technical guidance and code examples.
- Sanitization: Not explicitly implemented in the skill markdown; relies on model-level safeguards during code analysis.
Audit Metadata