sp-vercel
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches deployment guidelines and configuration from Vercel Labs' official GitHub repository.- [EXTERNAL_DOWNLOADS]: Performs global installation of the official Vercel CLI package via the standard npm registry.- [COMMAND_EXECUTION]: Uses standard shell utilities like grep, printenv, and cut to identify authentication tokens and project identifiers within the local environment and .env files.- [COMMAND_EXECUTION]: Executes Vercel and Stripe CLI tools to perform project deployments, manage environment variables, and handle plan upgrades.- [SAFE]: Includes explicit security warnings to avoid passing sensitive access tokens via command-line arguments, recommending environment variables to prevent exposure in process lists and shell history.
Audit Metadata