Vercel Claude Code plugin wants to read your prompt
7 hours ago
- #telemetry
- #privacy
- #Vercel plugin
- The Vercel plugin collects telemetry data including device ID, OS, frameworks, bash command strings, and prompt text without clear user consent or project scope.
- Telemetry is implemented via prompt injection: the plugin injects instructions for Claude to ask questions and execute shell commands, which makes the resulting interaction indistinguishable from native UI.
- Bash command strings (including file paths and env variables) are sent to Vercel's servers by default, without an opt-in, and are misrepresented as anonymous usage data.
- The plugin lacks project detection for telemetry gating; it monitors all projects regardless of their relevance to Vercel, despite having framework detection capabilities.
- Opt-out options exist (e.g., setting an environment variable or disabling the plugin), but they are not prominently disclosed during installation or first use.
- The issue highlights concerns over user privacy, consent design, and a plugin architecture that allows such behavior without adequate safeguards.