Next-Supabase-Vercel Bundle

Suspicious. Audited by ClawScan on May 10, 2026.

Overview

This looks like a real Next/Supabase/Vercel helper, but it builds shell commands from unvalidated inputs and can deploy/link to Vercel without clear safeguards.

Review before installing or invoking. Use only simple trusted project names and numeric ports, confirm the Vercel account/project before deployment, and protect any Supabase service-role key. Prefer a version that validates inputs, avoids shell-string execution, pins setup tooling, and asks for explicit confirmation before account-changing actions.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A malicious or accidental project name could cause commands to run on the user's machine during project creation.

Why it was flagged

The project name comes from the CLI argument and is joined into a shell command string. If an agent or user supplies a name containing shell metacharacters, it can execute unintended local commands.

Skill content
const createNextAppCommand = ['npx', 'create-next-app@latest', projectName, ...]; execSync(createNextAppCommand.join(' '), { stdio: 'inherit' });
Recommendation

Use spawn/execFile with argument arrays, validate project names against a strict safe pattern, quote paths safely, and avoid building shell strings from user input.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

If an untrusted value is used for the port, it could run extra shell commands instead of only starting the dev server.

Why it was flagged

The port option is inserted directly into a shell command without numeric validation or argument escaping.

Skill content
execSync(`npm run dev -- --port ${options.port}`, { stdio: 'inherit' });
Recommendation

Validate the port as an integer in an allowed range and invoke npm using spawn/execFile arguments rather than a shell-interpolated string.

What this means

The agent could publish or link the current project in the user's Vercel account before the user has reviewed the deployment target.

Why it was flagged

The deploy command can link and deploy using the user's Vercel CLI session, including a --yes link operation, without showing or confirming the exact account, team, project, or deployment target.

Skill content
execSync('vercel link --yes', { stdio: 'inherit' }); ... execSync(`vercel deploy ${deployFlags}`, { stdio: 'inherit' });
Recommendation

Require explicit user confirmation before linking or deploying, display the Vercel account/team/project/environment, and avoid --yes unless the user has approved the exact action.

What this means

If the service key is exposed or committed, it can give broad access to the Supabase project.

Why it was flagged

The generated environment template asks for a Supabase service-role key, which is a high-privilege credential. This is purpose-aligned for server-side Supabase operations, but the registry metadata declares no primary credential or required env vars.

Skill content
SUPABASE_SERVICE_KEY=your_service_role_key_here
Recommendation

Treat the service-role key as a secret, never expose it to client-side code, keep it out of git, and declare the credential requirement clearly in metadata.

What this means

The generated project may execute newly downloaded package code during setup, so compromise or changes upstream could affect the user's machine.

Why it was flagged

The scaffolding flow downloads and runs npm-sourced tooling/packages at runtime, including an @latest package. This is expected for a project generator, but it relies on current npm supply-chain state.

Skill content
'npx', 'create-next-app@latest' ... const installCommand = `cd ${projectPath} && npm install @supabase/supabase-js @supabase/ssr`;
Recommendation

Pin versions where practical, document the packages that will be executed, and let users review the command before running it.