vercel-deploy
Fail
Audited by Snyk on Mar 3, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill returns and displays a claim URL containing a code/token (a secret-like value) that the agent is expected to output verbatim to the user, creating an exfiltration risk.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The skill intentionally uploads the user's project tarball (excluding only node_modules and .git) to an external, skill-controlled endpoint with no authentication and returns claimable deployment links. This design enables unauthorized exfiltration of source code, configuration files, and any secrets included in the project, and could be abused to seize or host victims' code. The script itself contains no obfuscation or obvious remote-exec backdoor, but the external upload/claim flow is a deliberate data-exfiltration/abuse vector.