Vercel

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Vercel management skill that uses Membrane, but it can access secrets and change or delete Vercel resources.

Install only if you trust Membrane and intend to connect it to your Vercel account. Before using it, explicitly confirm the target project, team, domain, and action, especially for secret reads, environment variable edits, DNS changes, deployments, team changes, proxy requests, or project deletion. Revoke the Membrane/Vercel connection when it is no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documents sensitive and destructive capabilities such as retrieving decrypted environment variables, creating or updating infrastructure resources, and deleting projects or deployments, but it does not instruct the agent to require explicit user confirmation before executing high-risk actions. In an agent setting, that omission can enable unintended destructive changes or secret exposure if the model infers permission from context or acts on ambiguous user requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal