The Agent Skills Directory

[COMMAND_EXECUTION]: Potential shell command injection in Step 5 and Step 4. User-provided input in the $DOMAIN variable is directly interpolated into shell commands and pipelines (e.g., echo "$DOMAIN" | awk ..., vercel domains add "$DOMAIN", and curl URLs). If the domain string contains shell metacharacters like backticks, semicolons, or pipes, it could allow for arbitrary command execution.
[COMMAND_EXECUTION]: Potential for code injection in Step 3. The skill extracts the project name using node -p "require('./package.json').name". If an attacker provides a malicious package.json file with a crafted name field, it could lead to arbitrary Node.js code execution during the property extraction phase.
[EXTERNAL_DOWNLOADS]: The skill performs an automated global installation of the vercel CLI (npm i -g vercel) if it is not already present on the system. While Vercel is a well-known service, global package installations modify the system environment.
[DATA_EXFILTRATION]: The skill requires and processes a sensitive CLOUDFLARE_API_KEY. This key is transmitted to api.cloudflare.com to manage DNS records. As this involves a well-known service for its intended purpose, it is documented as a neutral finding.

lovstudio-deploy-to-vercel