Security Audit
openai/skills:skills/.curated/vercel-deploy
github.com/openai/skillsTrust Assessment
openai/skills:skills/.curated/vercel-deploy received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Command Injection in Framework Detection Script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 17, 2026 (commit 49f948fa). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection in Framework Detection Script The `scripts/deploy.sh` script contains a command injection vulnerability in the `detect_framework` function. Specifically, the check `has_dep_exact "ember-cli" || has_dep_exact "ember-source"` executes `has_dep_exact "ember-source"` as a separate shell command if the first check fails, but because of how the conditional is structured inside the `if` statement, it can lead to unexpected shell evaluation or syntax errors. More critically, the script uses `cat` and `grep` on `package.json` contents without sanitization, which can be manipulated by a maliciously crafted `package.json` containing shell metacharacters or payload strings designed to exploit the grep/eval flow. Use a proper JSON parser like `jq` to safely extract dependencies from `package.json` instead of using `cat` and `grep` with raw shell conditionals. | LLM | scripts/deploy.sh:114 |
Scan History
Embed Code
[](https://skillshield.io/report/0632d361342c9ce8)
Powered by SkillShield