vercel-deploy

Warn

Audited by Socket on Mar 20, 2026

1 alert found:

Anomaly (LOW)
scripts/deploy.sh

No clear signs of classical malware (no obfuscated payloads, no persistence, no reverse shells, no credential harvesting code reading environment variables). The main security concern is that it uploads the entire project directory (minus some exclusions) to a hardcoded third-party endpoint — this is a potential data exfiltration vector if the endpoint is untrusted or if sensitive files are present in the project. Use caution: verify the DEPLOY_ENDPOINT is legitimate before running, and ensure secrets are not present in the project tree (or add stricter exclude rules).

Confidence: 90%
Severity: 60%

Audit Metadata
Analyzed At: Mar 20, 2026, 01:03 AM
Package URL: pkg:socket/skills-sh/Hainrixz%2Fclaude-webkit%2Fvercel-deploy%2F@d1f088c3bf9206929b46caa40491f7180c651587