100Critical
The skill allows arbitrary code execution and file system writes,
Behavior Analysis
Description verified — behavior matches claim
Claims to do
AI Functions Examples: The `examples/ai-functions/` directory contains scripts for validating, testing, and iterating on AI SDK functions across providers.
Actually does
This skill provides documentation and a framework for developing and running TypeScript examples that utilize the AI SDK. These examples, executed via `pnpm tsx`, interact with various AI provider APIs (e.g., OpenAI, Google, Amazon Bedrock) for tasks like text generation, object generation, embeddings, image generation, speech generation, transcription, and reranking, loading configurations from `.env` files. It includes utilities for error handling, streaming output, and saving generated media.
Skill Info
Namevercel/ai/develop-ai-functions-example
Registrygithub
Version02e933667b41
PURLpkg:github/vercel/ai@02e933667b41?skill=develop-ai-functions-example
Stars23,517
Installs671
Source
SHA-2569d77f7652e8e...
SHA-163cabe9c2efc...
MD5049ee7ebcc88...
TLSH33f1b5a46c25...
ssdeep192:FKl7X5vl...
Size7,839 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Skills.shDocs
npx skills add https://github.com/vercel/ai --skill develop-ai-functions-exampleAssessments (1)
AI Agent Traps ↗Arbitrary Code Execution & File Modificationcriticalcommand execution
The skill is designed for 'creating, running, or modifying examples' using `pnpm tsx` to execute TypeScript files and defining tools with arbitrary `execute` functions. This capability, if exploited, allows an attacker to inject and execute arbitrary code, leading to potential system compromise, reverse shells, or data manipulation.
100% confidenceline 3
description: Develop examples for AI SDK functions. Use when creating, running, or modifying examples under examples/ai-functions/src; pnpm tsx src/generate-text/openai.ts; execute: async ({ param }) => { ... }Access to Sensitive Environment Variableshighcredential theft
The `run.ts` utility, used by all examples, loads environment variables from `.env` files. This exposes potentially sensitive credentials or API keys to any executed script or tool, creating a risk of credential theft if an attacker can control the executed code.
100% confidence
`run.ts` which: - Loads environment variables from `.env`
Direct File System Write Capabilitiesmediumdata exfiltration
Utilities like `save-raw-chunks.ts` and `save-audio.ts` enable writing data directly to the file system. This capability could be abused for data exfiltration, persistence, or data destruction if an attacker can manipulate the content or destination of these write operations.
100% confidence
`save-raw-chunks.ts | Save streaming chunks for test fixtures`, `save-audio.ts | Save audio files to disk`
Version History (2)
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/vercel/ai/develop-ai-functions-example)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/vercel/ai/develop-ai-functions-example"><img src="https://mondoo.com/ai-agent-security/api/badge/github/vercel/ai/develop-ai-functions-example.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/vercel/ai/develop-ai-functions-example.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow