Vercel Sandbox

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only browser automation skill whose powerful actions are disclosed and aligned with its Vercel Sandbox purpose.

Install only if you need remote browser automation in Vercel Sandboxes. Pin dependencies for production, restrict target sites, require confirmation before submitting forms or changing account state, keep Vercel credentials out of client-side code and logs, and do not save private browser sessions or secrets into reusable sandbox snapshots.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The skill explicitly supports opening arbitrary URLs, taking screenshots, reading page content, and submitting forms, but it does not include guardrails around sensitive data handling, authorization, or user consent. In agent contexts, this can enable unintended collection of private page content or automated actions on authenticated sessions if the surrounding application exposes it too broadly.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal