Trust Assessment
vercel-deploy received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The key finding is Command Injection via unquoted VERCEL_TOKEN in script execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via unquoted VERCEL_TOKEN in script execution. The `VERCEL_TOKEN` environment variable is interpolated unquoted into the `CMD` string in `scripts/vercel_deploy.sh` (`CMD="npx vercel --token $VERCEL_TOKEN --yes"`) and the string is executed later. What an attacker-controlled token can do depends on how that string is run. If it is executed as a bare `$CMD`, the shell applies only word splitting and pathname expansion to the value, so a token containing whitespace injects extra arguments into `npx vercel` (for example a `--prod` flag or a different `--scope`), while a `;` or `$(...)` inside the value is passed to the CLI as literal text, not executed. If it is executed through `eval "$CMD"` or `sh -c "$CMD"`, the value is re-parsed as shell code and `$(...)`, `;`, `|` and similar metacharacters give arbitrary command execution in the deploy environment, which can lead to system compromise or exfiltration of the repository and other CI secrets. The fix is not to embed escaped quotes in the string: `CMD="npx vercel --token \"$VERCEL_TOKEN\" --yes"` passes literal `"` characters to `vercel` under a bare `$CMD`, and under `eval` it is still broken by a token containing `"` or `$`. Instead, stop round-tripping the command through a string: build it as a shell array, `CMD_ARRAY=(npx vercel --token "$VERCEL_TOKEN" --yes)`, and execute it with `"${CMD_ARRAY[@]}"`, which hands the token to the CLI as a single argv element whatever characters it contains. | LLM | scripts/vercel_deploy.sh:40 |
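The three execution styles discussed in the finding, side by side. This is an added example written for this report, not code from the vercel-deploy skill or from SkillShield. It assumes a stand-in function `fake_vercel` in place of the real `npx vercel` so it runs offline, and a constructed hostile token (not a real credential) that carries both a space and a `$(...)` substitution. Running it shows that the bare-`$CMD` pattern smuggles extra arguments but does not execute the substitution, that `eval` does execute it, and that the array form delivers the token intact as one argument.

```bash
#!/usr/bin/env bash
# Added example, not code from the vercel-deploy skill or SkillShield. It
# reproduces the flagged pattern with a stand-in for `npx vercel` so it runs
# offline, and contrasts bare `$CMD`, `eval "$CMD"`, and the array form.

# Stand-in for `npx vercel` (assumption: the real CLI is never invoked here).
# Prints each argv element on its own line so we can see exactly what the
# CLI would have received.
fake_vercel() { printf '%s\n' "$@"; }

# Constructed hostile token, not a real credential: a space (to smuggle an
# extra flag) and a command substitution (to test for code execution).
HOSTILE_TOKEN='abc --prod $(echo injected)'

# Style 1, the pattern flagged at scripts/vercel_deploy.sh:40: build a string,
# then run it unquoted. Word splitting turns the token into four separate
# arguments, but "$(echo injected)" is passed as literal text, never evaluated.
run_string_unquoted() {
  local CMD="fake_vercel --token $1 --yes"
  $CMD
}

# Style 2: the same string, but re-parsed by eval. Now the command
# substitution executes, so whoever controls the token runs shell code.
run_string_eval() {
  local CMD="fake_vercel --token $1 --yes"
  eval "$CMD"
}

# Style 3, the recommended fix: keep the command as an array. The token is
# one argv element no matter which characters it contains.
run_array() {
  local -a CMD_ARRAY=(fake_vercel --token "$1" --yes)
  "${CMD_ARRAY[@]}"
}

# Number of argv elements the stand-in CLI received from a given runner.
argc_received() { "$@" | wc -l | tr -d ' '; }

# The token as the stand-in CLI saw it (the argv element after --token).
token_received() { "$@" | sed -n '2p'; }

echo "bare \$CMD : $(argc_received run_string_unquoted "$HOSTILE_TOKEN") args, token seen as '$(token_received run_string_unquoted "$HOSTILE_TOKEN")'"
echo "eval      : $(argc_received run_string_eval "$HOSTILE_TOKEN") args (substitution executed)"
echo "array     : $(argc_received run_array "$HOSTILE_TOKEN") args, token seen as '$(token_received run_array "$HOSTILE_TOKEN")'"
```

The bare `$CMD` run hands the CLI six arguments instead of three, with `--prod` now a real flag and the token truncated to `abc`; the `eval` run collapses `$(echo injected)` to `injected`, proving the substitution ran; the array run hands over exactly three arguments with the token unchanged. Swap `fake_vercel` for `npx vercel` in the array version and the script has the shape the finding recommends.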
Scan History
Full report: https://skillshield.io/report/90aa80f4f4e7808b
Powered by SkillShield