verification
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution]: The skill utilizes the Vercel CLI (e.g.,
vercel logs,vercel env ls) to retrieve runtime data and configuration. This is a standard practice for diagnosing deployment issues and environment mismatches within the Vercel platform. - [Sensitive File Access]: The agent is instructed to inspect sensitive files such as
.env.localand environment variables. This access is necessary for the skill's purpose of verifying that the application has the required credentials and configurations to function correctly across different layers. - [Indirect Prompt Injection Surface]: The skill analyzes untrusted project data, such as source code and route structures, to guide its verification logic. While this represents a potential surface for indirect prompt injection, the skill's activities are focused on observation and status reporting rather than executing arbitrary logic derived from those files. Evidence Chain: (1) Ingestion points: Reads git diffs, package.json, and route files. (2) Boundary markers: Absent. (3) Capability inventory: Uses agent-browser and Vercel CLI. (4) Sanitization: Absent.
Audit Metadata