vercel-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local bash script (
deploy.sh) to automate the framework detection, file renaming for static projects, and packaging of the deployment tarball. - [DATA_EXFILTRATION]: Project files are packaged and uploaded to Vercel's deployment API at
https://claude-skills-deploy.vercel.com/api/deploy. This network transmission is the primary function of the skill and is directed to the vendor's verified infrastructure. The script excludesnode_modulesand.gitfolders to minimize the size of the upload and avoid transmitting version control metadata.
Audit Metadata