ClawHub

Vercel Staging Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Vercel staging workflow guide, but users should tighten the token handling and commit-matching behavior before relying on it for release integrity.

Before installing, verify the alias is only for staging, store the Vercel token only in GitHub Actions secrets, scope and rotate it where possible, avoid broad org-level reuse unless necessary, and consider changing the workflow to fail instead of falling back when it cannot find the exact deployment for the triggering commit.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The workflow documentation promises that the staging alias will always track the latest deployment from main, but if no matching READY deployment is found for the current commit, the script falls back to the latest READY deployment for the project regardless of commit or branch. That can silently repoint staging to an unrelated deployment, undermining environment integrity and potentially exposing unreviewed or stale code as staging.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs users to create and store a permanent Vercel API token in GitHub Secrets, but it does not clearly emphasize that this is a long-lived high-sensitivity credential with potentially broad deployment control. In CI/CD guidance, encouraging permanent tokens without minimum-scope, rotation, access-control, and exposure warnings increases the chance of credential misuse or compromise, especially across multiple repositories or org-level secrets.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal