vercel-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill packages the contents of a local directory into a compressed tarball and transmits it to an external API endpoint via a POST request. Evidence:
scripts/deploy.shusescurlto send data tohttps://claude-skills-deploy.vercel.com/api/deploy. - [COMMAND_EXECUTION]: The deployment script executes multiple system commands to process files and prepare the deployment package. Evidence: Use of
tar,find,mv, andmktempwithinscripts/deploy.sh. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests a directory path and performs actions with significant capabilities. 1. Ingestion points: The
INPUT_PATHargument inscripts/deploy.shderived from command-line arguments. 2. Boundary markers: Absent; there are no delimiters or warnings to ignore instructions within the processed data. 3. Capability inventory: The skill has the ability to read files (tar), list directory contents (find), and transmit data externally (curl). 4. Sanitization: No validation is performed on the input path to prevent access to sensitive system directories (e.g., SSH keys or configuration files).
Audit Metadata