vercel-agent-vercel-optimize
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill performs its operations locally and only communicates with official Vercel APIs via the authenticated Vercel CLI. It includes a comprehensive redaction utility in
lib/vercel.mjsthat automatically masks authorization headers, project IDs, and team IDs in all command output and error logs to prevent accidental data exposure. - [COMMAND_EXECUTION]: The skill orchestrates several shell commands to retrieve data, including
vercel metrics,vercel usage,vercel api, and search utilities likerg(ripgrep). These are executed safely usingchild_process.execFilewith argument arrays, which avoids the risks associated with shell interpolation. A dedicated throttling and retry logic inlib/throttle.mjsensures these executions respect platform rate limits. - [PROMPT_INJECTION]: The skill uses a multi-agent 'brief' system to guide investigation. While it processes untrusted local source code, it employs a deterministic verification engine (
lib/verify-claim.mjs) that mechanically checks every claim (counts, snippets, file existence) against the filesystem and metrics. Recommendations that fail verification or contradict the known project state are automatically withheld or sent for regeneration, providing a strong defense against indirect prompt injection and AI hallucination. - [EXTERNAL_DOWNLOADS]: The skill references and encourages the use of official Vercel documentation and CLI tools. All cited URLs are validated against a curated, version-aware allow-list in
references/docs-library.json, preventing the agent from following or suggesting malicious or non-existent external links.
Audit Metadata