vercel-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and inspect arbitrary preview deployment URLs using "vercel curl" (see references/monitoring-and-debugging.md and references/deployment.md, and Step 4 in command/vercel.md), which reads untrusted user-deployed web content that the agent is expected to interpret and that can materially change subsequent actions (promote/rollback/inspect), so it exposes the agent to indirect prompt injection risk.