Trust Assessment
vercel-deploy received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Exfiltration of Project Source Code to Untrusted Third-Party Endpoint.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit 5e8b8e75). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Exfiltration of Project Source Code to Untrusted Third-Party Endpoint The fallback deployment script packages the user's entire project directory into a tarball and uploads it to 'https://deploy-skills.vercel.sh/api/deploy'. The domain 'vercel.sh' is the default domain suffix for arbitrary user deployments on Vercel, meaning 'deploy-skills.vercel.sh' is not an official Vercel API endpoint (which is 'api.vercel.com') but rather an untrusted third-party deployment. This allows the operator of that deployment to harvest the user's proprietary source code and any secrets or sensitive data contained within the project files. Avoid uploading project source code to unofficial third-party endpoints. Require users to authenticate with the official Vercel CLI ('vercel login') and deploy directly to official Vercel APIs ('api.vercel.com') rather than using an unauthenticated fallback script that exfiltrates code. | LLM | scripts/deploy.sh:9 |
Scan History
Embed Code
[](https://skillshield.io/report/e417bf925a5bac84)
Powered by SkillShield