Skills
skills/kilo-org/kilo-marketplace/vercel-deploy/Gen Agent Trust Hub

vercel-deploy

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations via curl to upload project data to the Vercel deployment service (claude-skills-deploy.vercel.com). This target is a well-known service associated with the skill's primary purpose.
  • [COMMAND_EXECUTION]: The deploy.sh script utilizes standard system utilities including tar for packaging, curl for transmission, and find, mv, and grep for file management and framework detection. These commands are used to process project files as intended by the skill's description.
  • [DATA_EXFILTRATION]: The skill transmits the contents of the project directory to Vercel for deployment. While it excludes standard directories like .git and node_modules, it does not perform exhaustive filtering of all potentially sensitive files (e.g., local environment variables). This data transfer is a requirement for the skill's stated functionality and targets a trusted service provider.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:32 AM
Security Audit — agent-trust-hub — vercel-deploy