v-swarm
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Vercel MCP toolset (
deploy_to_vercel,get_runtime_logs,list_projects) and local CLI commands (git status,vercel logs,tsc --noEmit). These are used according to standard development workflows for the Vercel platform and include explicit anti-patterns preventing execution without user confirmation. - [EXTERNAL_DOWNLOADS]: References and documentation are fetched from well-known and official sources including
nextjs.organdvercel.com. The skill also references internal knowledge base files (references/*.md) which are included in the package. - [PROMPT_INJECTION]: The skill includes clear 'Anti-patterns' and orchestration logic that defines agent behavior. It explicitly warns against fabricating results or bypassing user confirmation for production actions, which serves as a defensive layer against unintended behavior overrides.
- [DATA_EXFILTRATION]: While the skill accesses runtime logs and build logs via Vercel MCP, this access is scoped to the developer's own Vercel environment for debugging purposes. There are no patterns detected that attempt to send this data to unauthorized third-party domains.
Audit Metadata