Vercel AI Cloud CLI Non-Interactive Mode Token Exposure Vulnerability
Vulnerability
A vulnerability exists in Vercel's AI Cloud CLI versions 50.16.0 prior to 52.0.0. When the CLI operates in non-interactive mode, either because the '--non-interactive' flag was passed or because the CLI automatically detected an AI agent, commands that would otherwise prompt for user input instead emit JSON responses containing suggested follow-up commands. If the user authenticated with the '--token' or '-t' option, the token value is embedded in plaintext in those suggested commands. The token can then end up in CI/CD pipeline logs, agent transcripts, or other automated outputs that capture the CLI's output.
Impact
Exposing the plaintext token in logs or automation outputs could lead to unauthorized access, as the token is used for authentication with Vercel's services.
Remediation
Users should upgrade to Vercel CLI version 52.0.1 or later. If the '--token' option was used together with '--non-interactive' in the past, review CI/CD logs and agent transcripts for exposed tokens and rotate any token found. Authenticate with the 'VERCEL_TOKEN' environment variable instead of passing the token on the command line.
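The "review logs for exposed tokens" step above, as an added example that is not Vercel's code: a scanner that walks a captured CI log or agent transcript, parses any JSON lines, checks every nested string for a '--token' or '-t' flag value, reports each hit with the value masked, and produces a redacted copy of the log safe to archive. The JSON field names ("suggestions", "command") and the sample log lines are constructed assumptions; the real output shape may differ, which is why the scanner inspects every string in the parsed JSON rather than relying on a particular key.

```python
"""Scan CI/CD or agent-transcript logs for a Vercel CLI token echoed back
inside the CLI's non-interactive JSON suggested-command output.

Added example, not Vercel's code. The JSON keys and sample lines below are
constructed assumptions about the output shape."""
import json
import re
from typing import Iterator

# The CLI token flag followed by its value: "--token abc", "-t abc", "--token=abc".
# The lookbehind keeps "-t" from matching inside words such as "project-test".
# The value class stops at quotes so a hit inside a JSON string stays clean.
TOKEN_FLAG_RE = re.compile(r"""(?<!\S)(?:--token|-t)(?:=|\s+)([^\s"']+)""")

# Constructed sample log: a plain command echo, a JSON suggestion line of the
# kind the advisory describes, and an unrelated JSON line with no token.
SAMPLE_LOG = "\n".join([
    "[ci] Running: vercel deploy --non-interactive --token EXAMPLE_TOKEN_abc123",
    '{"error":"Project not linked","suggestions":[{"command":'
    '"vercel link --non-interactive --token EXAMPLE_TOKEN_abc123",'
    '"description":"Link the directory"}]}',
    '{"status":"ok","suggestions":[]}',
])


def _strings_in(obj) -> Iterator[str]:
    """Yield every string value inside a parsed JSON structure, recursively."""
    if isinstance(obj, str):
        yield obj
    elif isinstance(obj, dict):
        for value in obj.values():
            yield from _strings_in(value)
    elif isinstance(obj, list):
        for value in obj:
            yield from _strings_in(value)


def _mask(token: str) -> str:
    """Keep a short prefix so an operator can tell tokens apart in a report."""
    return token[:4] + "*" * max(len(token) - 4, 0)


def find_leaked_tokens(log_text: str) -> list[dict]:
    """Return one finding per flag/value occurrence in the log.

    JSON lines are parsed and every nested string is checked, so the token is
    found whichever field the CLI placed the suggested command in; other lines
    are checked as plain text."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        stripped = line.strip()
        texts = [stripped]
        in_json = False
        if stripped[:1] in ("{", "["):
            try:
                texts = list(_strings_in(json.loads(stripped)))
                in_json = True
            except json.JSONDecodeError:
                pass  # not JSON after all; fall back to plain-text matching
        for text in texts:
            for match in TOKEN_FLAG_RE.finditer(text):
                token = match.group(1)
                findings.append({
                    "line": lineno,
                    "in_json": in_json,
                    "token": token,          # raw value, needed for rotation
                    "masked_token": _mask(token),
                })
    return findings


def tokens_to_rotate(log_text: str) -> set[str]:
    """Distinct token values that appear in the log; each one must be rotated."""
    return {f["token"] for f in find_leaked_tokens(log_text)}


def redact_log(log_text: str) -> str:
    """Replace every token value with a placeholder, keeping the flag and
    surrounding JSON intact so the sanitized log still parses."""
    def _replace(match: re.Match) -> str:
        prefix_len = match.start(1) - match.start(0)
        return match.group(0)[:prefix_len] + "<REDACTED>"
    return TOKEN_FLAG_RE.sub(_replace, log_text)


if __name__ == "__main__":
    for finding in find_leaked_tokens(SAMPLE_LOG):
        where = "JSON" if finding["in_json"] else "text"
        print(f"line {finding['line']} ({where}): {finding['masked_token']}")
    print(f"tokens to rotate: {len(tokens_to_rotate(SAMPLE_LOG))}")
    print(redact_log(SAMPLE_LOG))
```

Run it against a saved pipeline log or transcript instead of SAMPLE_LOG; every distinct value it reports is a token to rotate, and the redacted copy is what should be retained. The scanner only finds the token when it is next to the flag; if the raw token value is already known, a plain substring search for it across the same logs catches any other place it was echoed.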
