App Builder

Status: Warn. Audited by ClawScan on May 10, 2026.

Overview

This skill does what it claims for building apps, but it should be reviewed before installation because it can push code, upload environment secrets, and deploy to production accounts with little or no user confirmation.

Install only if you are comfortable with an agent creating GitHub/Vercel resources, pushing to main, and deploying production updates. Before using it, specify the target accounts and app folder, instruct the agent to ask for confirmation before any push or production deploy, and review every .env variable yourself before it is uploaded.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so each finding describes what the skill's instructions permit, not behaviour observed at run time.

What this means

The agent could publish code changes and deploy production updates even when the user only asked for a fix or edit.

Why it was flagged

The skill makes main-branch pushes and Vercel deployment mandatory rather than requiring explicit user approval for each high-impact action.

Skill content
For now, always push to `main`. Every app must be: 1) pushed to GitHub 2) deployed on Vercel
Recommendation

Require explicit confirmation before pushing to main or running production deployments, and prefer branch/preview workflows for edits unless the user asks to release.

What this means

Sensitive local secrets could be uploaded to the wrong Vercel project or environment, or shared with people who have access to that project.

Why it was flagged

The instruction tells the agent to copy local environment variables, which often include secrets, to Vercel without any step for reviewing them, filtering out unrelated ones, or choosing the target environment.

Skill content
Use the CLI to push the environment variables you do have in the local .env file.
Recommendation

Have the user review and approve each environment variable, exclude secrets the app does not need, and state for each variable whether it belongs to the production, preview, or development environment.
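The review this recommendation asks for can be made mechanical before any `vercel env add` runs. What follows is an added example written for this page, not code from the App Builder skill or from ClawScan. It parses a .env file, sorts each variable into upload, deny, or ask, and renders (without executing) the Vercel CLI command for each approved variable and environment. The allowlist, the target-environment map, the name and value patterns, and the sample .env content are assumptions constructed here.

```python
"""Review a local .env before any of it is uploaded to Vercel.

Added example for the recommendation above; not code from the App Builder
skill or from ClawScan. ALLOWLIST, TARGETS, the regexes and SAMPLE_DOTENV are
assumptions constructed for illustration.
"""
import re
import shlex

# Names that are credentials for other systems and must not be uploaded just
# because they share a .env with the app's own settings (assumed policy).
DENY_NAME = re.compile(r"^(AWS_|SSH_)|^(GITHUB|NPM|VERCEL)_TOKEN$", re.I)
# Name or value patterns that suggest a secret and so need an explicit decision.
SECRET_NAME = re.compile(r"(SECRET|TOKEN|PASSW|API_KEY|PRIVATE)", re.I)
CREDENTIAL_URL = re.compile(r"://[^/@\s]+:[^/@\s]+@")   # user:pass@host inside a URL
VALID_KEY = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

# Constructed sample .env; none of these values are real.
SAMPLE_DOTENV = """
# local dev config
export NEXT_PUBLIC_INSTANT_APP_ID=app_123
INSTANT_ADMIN_TOKEN="tok-abc"
DATABASE_URL=postgres://dev:devpass@localhost/app  # local only
AWS_SECRET_ACCESS_KEY=EXAMPLEKEYNOTREAL
GITHUB_TOKEN=ghp_examplenotreal
DEBUG=true
"""
# What the user said the app needs, and which Vercel environments each secret
# belongs to (assumed answers from the user's review).
ALLOWLIST = {"NEXT_PUBLIC_INSTANT_APP_ID", "INSTANT_ADMIN_TOKEN", "DATABASE_URL"}
TARGETS = {"INSTANT_ADMIN_TOKEN": ["production", "preview"]}


def parse_dotenv(text):
    """Parse KEY=VALUE lines, tolerating comments, blanks, an `export ` prefix,
    quoted values and unquoted trailing comments."""
    env = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        if line.startswith("export "):
            line = line[len("export "):].lstrip()
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]                                   # quoted: keep verbatim
        else:
            value = re.split(r"\s+#", value, maxsplit=1)[0]      # unquoted: drop comment
        if VALID_KEY.fullmatch(key):
            env[key] = value
    return env


def triage(env, allowlist, targets):
    """Return name -> (decision, environments, reason), decision in upload/deny/ask.

    Assumed policy: deny known foreign credentials; ask about anything not
    allowlisted; NEXT_PUBLIC_* is client-visible and may go to every
    environment; anything that looks secret must have explicit targets;
    everything else defaults to development only.
    """
    plan = {}
    for name, value in env.items():
        looks_secret = SECRET_NAME.search(name) or CREDENTIAL_URL.search(value)
        if DENY_NAME.search(name):
            plan[name] = ("deny", [], "credential for another system")
        elif name not in allowlist:
            plan[name] = ("ask", [], "not in the app's allowlist")
        elif name.startswith("NEXT_PUBLIC_"):
            envs = targets.get(name, ["production", "preview", "development"])
            plan[name] = ("upload", envs, "public client variable")
        elif looks_secret and name not in targets:
            plan[name] = ("ask", [], "looks like a secret but has no target environment")
        else:
            plan[name] = ("upload", targets.get(name, ["development"]), "allowlisted")
    return plan


def vercel_commands(env, plan):
    """Render one `vercel env add NAME ENVIRONMENT` per approved pair, with the
    value piped on stdin. Nothing is executed; the user reviews the list first."""
    cmds = []
    for name, (decision, envs, _reason) in sorted(plan.items()):
        if decision != "upload":
            continue
        for target in envs:
            cmds.append(f"printf %s {shlex.quote(env[name])} | vercel env add {name} {target}")
    return cmds


if __name__ == "__main__":
    env = parse_dotenv(SAMPLE_DOTENV)
    plan = triage(env, ALLOWLIST, TARGETS)
    for name, (decision, envs, reason) in sorted(plan.items()):
        print(f"{decision:6} {name:28} {','.join(envs) or '-':32} {reason}")
    print("\n".join(vercel_commands(env, plan)))
```

Run it against the real .env instead of the constructed sample, fill ALLOWLIST and TARGETS from the user's answers, and hand the printed command list to the user before any of it is executed. In the sample, DATABASE_URL is caught by the value heuristic (a password embedded in the URL) even though its name carries no secret keyword, which is the kind of variable a name-only filter would have let through.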

What this means

Actions will run under the user's logged-in provider accounts and may create repos, projects, tokens, or deployments there.

Why it was flagged

The workflow depends on authenticated GitHub, Vercel, and Instant CLI identities; this is expected for deployment but gives the agent account-level authority.

Skill content
If you use these tools, and find out that you don't have them or are not logged in, prompt the user to install them and log in.
Recommendation

Before use, confirm the intended GitHub account/org, Vercel team/project, and Instant app, and use least-privileged accounts where possible.

What this means

The user is trusting whatever version of these packages the npm registry serves at the moment the app is created.

Why it was flagged

The skill runs npx commands without pinned package versions; npx fetches and executes the latest published version of a package that is not already installed, so each run executes whatever the registry serves at that moment. This is central to the app creation workflow but is still a provenance consideration.

Skill content
`npx instant-cli init-without-files` ... `npx create-instant-app <app-name> --next --codex --app <appId> --token <token>`
Recommendation

Use trusted package sources, consider pinning known-good versions (npx accepts an explicit version in the package specifier), and review generated code before committing and deploying. Note also that the quoted command passes the Instant token as a command-line argument, so it can appear in shell history and process listings; prefer a token with the narrowest scope available and clear it from history after use.