Skills
skills/firecrawl/openai-skills/vercel-deploy/Gen Agent Trust Hub

vercel-deploy

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands to facilitate the deployment process.\n
  • It executes a custom bash script (scripts/deploy.sh) that utilizes tar for project packaging and curl for API communication.\n
  • The instructions advise the agent to request sandbox_permissions=require_escalated if the environment prevents the network operations required for deployment.\n- [DATA_EXFILTRATION]: The skill transmits project source code to an external deployment API located at https://codex-deploy-skills.vercel.sh/api/deploy.\n
  • This operation is the primary intended function of the skill and is required for deployment.\n
  • The deployment script mitigates data exposure risks by explicitly excluding sensitive files such as .env and the .git directory from the transmitted archive.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 05:31 PM
Security Audit — agent-trust-hub — vercel-deploy