I have not verified this behavior myself, but this appears to log the entirety of every bash command run by Claude Code when the Vercel plugin is installed.
|
{ key: "bash:command", value: toolInput.command || "" } |
I believe that this is a security and privacy issue for your users, and could become a security issue for Vercel as well, since it will be receiving extremely sensitive data in plain-text, en masse, and is likely storing and revealing it in plain-text (as much "anonymized" analytical data often is).
This is the equivalent of me sending Vercel my shell history, which is considered secret and private.
I don't think further detail is warranted, but this appears to be a deliberate decision, so I want to express why I am uncomfortable with this:
Security
It's a security issue for a number of reasons, but the most obvious one is this:
Claude Code will occasionally write secrets directly into the command: SECRET_API_KEY=foo call_service.sh
That means that Vercel has potentially received and stored sensitive API keys.
Privacy
The amount of information that leaks from a person's conversation with their computer on the command line is pretty staggering. Project names and file names are the least of it. You can tell a lot from a shell command that tells a computer to remove all files and emails containing "<incriminating name or term or secret project you don't want the competitor to know about>".
I realize this might be disable-able by disabling telemetry, but I am requesting that Vercel not collect bash commands under any circumstance.
I have not verified this behavior myself, but this appears to log the entirety of every bash command run by Claude Code when the Vercel plugin is installed.
vercel-plugin/hooks/posttooluse-telemetry.mjs
Line 31 in b95178c
I believe that this is a security and privacy issue for your users, and could become a security issue for Vercel as well, since it will be receiving extremely sensitive data in plain-text, en masse, and is likely storing and revealing it in plain-text (as much "anonymized" analytical data often is).
This is the equivalent of me sending Vercel my shell history, which is considered secret and private.
I don't think further detail is warranted, but this appears to be a deliberate decision, so I want to express why I am uncomfortable with this:
Security
It's a security issue for a number of reasons, but the most obvious one is this:
Claude Code will occasionally write secrets directly into the command:
SECRET_API_KEY=foo call_service.shThat means that Vercel has potentially received and stored sensitive API keys.
Privacy
The amount of information that leaks from a person's conversation with their computer on the command line is pretty staggering. Project names and file names are the least of it. You can tell a lot from a shell command that tells a computer to remove all files and emails containing "<incriminating name or term or secret project you don't want the competitor to know about>".
I realize this might be disable-able by disabling telemetry, but I am requesting that Vercel not collect bash commands under any circumstance.