Security audit
Vercel
Security checks across malware telemetry and agentic risk
Overview
This Vercel skill is a disclosed ClawLink-based integration for managing Vercel resources, with high-impact write capabilities that are expected for its purpose and gated by confirmation instructions.
Install only if you are comfortable connecting Vercel through ClawLink and letting the agent manage Vercel resources on your behalf. Review previews carefully before approving writes, especially changes to production environment variables, domains, secrets, deployments, or team membership.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
