vercel-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through the analysis of local project files.
  - Ingestion points: The skill reads package.json and vercel.json files via scripts/deploy.sh.
  - Boundary markers: No explicit delimiters are used to wrap or sanitize content read from these files.
  - Capability inventory: Executes shell commands and suggests CLI operations based on file contents.
  - Sanitization: Input from project files is used without validation to generate agent advice.
- [DATA_EXFILTRATION]: Presence checks for sensitive environment files.
  - Evidence: scripts/deploy.sh checks for the existence of .env, .env.local, and .env.production files to provide configuration warnings.
- [COMMAND_EXECUTION]: Execution of a local utility script.
  - Evidence: Runs scripts/deploy.sh to perform environment detection.
- [EXTERNAL_DOWNLOADS]: References the official CLI for a well-known deployment service.
  - Evidence: Suggests installation of the vercel CLI from npm.
Audit Metadata