vercel-open-agents
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical manual for the 'Open Agents' template. It provides architectural patterns and implementation details without executing unauthorized code or exhibiting malicious behavior.
- [EXTERNAL_DOWNLOADS]: The documentation references standard package installations (e.g.,
bun install) and official repositories from Vercel Labs. These are standard development practices for the intended use case. - [CREDENTIALS_UNSAFE]: The skill follows security best practices by instructing users to store sensitive information like API keys and private keys in environment variables (e.g.,
GITHUB_APP_PRIVATE_KEYin.envfiles) rather than hardcoding them. It also provides a command to generate secure random strings for secrets. - [COMMAND_EXECUTION]: The skill defines tools for shell execution and file manipulation (e.g.,
shell,file_write) intended for use within an isolated sandbox environment. These capabilities are consistent with the skill's primary purpose as a coding agent and are not used maliciously in the instructions.
Audit Metadata