vercel-skill
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted external data which could contain malicious instructions aimed at overriding agent behavior.
- Ingestion points: Tools such as
web_fetch_vercel_url,get_runtime_logs,get_deployment_build_logs, andsearch_vercel_documentation(SKILL.md) ingest content from external URLs, build/runtime logs, and search results into the agent context. - Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore or isolate potential commands within the ingested data.
- Capability inventory: The skill provides access to potentially sensitive operations including
deploy_to_vercel,reply_to_toolbar_thread, andchange_toolbar_thread_resolve_status(references/vercel-skill.md), which could be triggered by malicious content in the ingestion points. - Sanitization: No sanitization or validation of the fetched external content is specified before the data is processed by the agent.
Audit Metadata