lovstudio-deploy-to-vercel
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development tools including the Vercel CLI and shell commands to detect project frameworks and manage deployment configurations.
- [EXTERNAL_DOWNLOADS]: The skill may install the 'vercel' package from the official NPM registry if it is not already present in the environment.
- [DATA_EXFILTRATION]: The skill utilizes the 'CLOUDFLARE_API_KEY' to communicate with Cloudflare's official API (api.cloudflare.com). This behavior is legitimate and required for the skill's primary purpose of automating DNS record creation.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided domain names in bash script operations. While it lacks explicit sanitization, the inputs are used within standard deployment contexts and the associated risks are low.
Audit Metadata