Skip to main content

vercel

Facilitates deployment of applications to Vercel, including serverless functions and CI/CD for Next.js projects.

Install this skill

or
73/100

Security score

The vercel skill was audited on Feb 16, 2026 and we found 15 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 148

Template literal with variable interpolation in command context

SourceSKILL.md
148res.status(405).end(`Method ${req.method} Not Allowed`);
medium line 193

Template literal with variable interpolation in command context

SourceSKILL.md
193message: `Hello from ${city}, ${country}!`,
medium line 406

Template literal with variable interpolation in command context

SourceSKILL.md
406if (authHeader !== `Bearer ${process.env.CRON_SECRET}`) {
low line 234

Fetch to external URL

SourceSKILL.md
234const res = await fetch('https://api.example.com/posts', {
low line 81

Access to .env file

SourceSKILL.md
81vercel env pull .env.local
low line 101

Access to .env file

SourceSKILL.md
101const apiKey = process.env.API_KEY;
low line 104

Access to .env file

SourceSKILL.md
104const publicUrl = process.env.NEXT_PUBLIC_API_URL;
low line 256

Access to .env file

SourceSKILL.md
256if (secret !== process.env.REVALIDATE_SECRET) {
low line 406

Access to .env file

SourceSKILL.md
406if (authHeader !== `Bearer ${process.env.CRON_SECRET}`) {
low line 88

External URL reference

SourceSKILL.md
88NEXT_PUBLIC_API_URL=https://api.example.com
low line 91

External URL reference

SourceSKILL.md
91NEXT_PUBLIC_API_URL=https://staging-api.example.com
low line 94

External URL reference

SourceSKILL.md
94NEXT_PUBLIC_API_URL=http://localhost:3001
low line 234

External URL reference

SourceSKILL.md
234const res = await fetch('https://api.example.com/posts', {
low line 283

External URL reference

SourceSKILL.md
283{ "source": "/api/:path*", "destination": "https://api.example.com/:path*" },
low line 307

External URL reference

SourceSKILL.md
307destination: 'https://api.backend.com/:path*',
Scanned on Feb 16, 2026
View Security Dashboard
Installation guide →
GitHub Stars 4
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
frontendapifrontend-developerproduct-managergrowth-pmvercelgithubgitlabbitbucketdevelopmentproduct
mgd34msu/goodvibes-gemini