vercel-firewall
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Management of Infrastructure via CLI: The skill utilizes the
vercel firewallcommand suite to modify project security settings. - Context: These commands are used to create, edit, and delete firewall rules, IP blocks, and system bypasses. This is the primary purpose of the skill and is handled via the official platform CLI.
- Mitigation: The skill reinforces a "best practice" workflow where changes are staged as drafts and requires the user to manually execute
vercel firewall publishto apply changes, providing a human-in-the-loop safety check. - Analysis of Local Repository Content: The instructions suggest that the agent proactively scan the repository for API endpoints to recommend rate-limiting rules.
- Security Consideration: This represents a surface for indirect prompt injection, as the agent ingests data from the codebase to influence its recommendations (Category 8).
- Evidence Chain:
- Ingestion points: Local repository files are scanned for API endpoint definitions.
- Boundary markers: None specified for the scanning process.
- Capability inventory: The skill can stage modifications to the project's firewall via
vercel firewall rules addin SKILL.md. - Sanitization: Not explicitly mentioned, though recommendations are presented to the user for review.
- Context: This is a standard developer assistant feature and is used here to improve the security posture of the application by identifying unprotected endpoints.
Audit Metadata