Plugin and version
vercel plugin (filed against vercel:env-vars and vercel:knowledge-update skills).
Observed behaviour
Vercel Marketplace integrations (Supabase, Blob, Resend, similar) write env vars into the project with the Sensitive flag set by default. The flag has three consequences that aren't covered by either skill:
- vercel env pull cannot retrieve a Sensitive-flagged value. The pulled .env.local ends up with the key but a placeholder value.
- The Vercel dashboard hides the value behind a passkey re-auth that an agent cannot complete.
- API/CLI reads return the placeholder, not the real value.
Practical implication: any script that uses a Marketplace-managed secret must run inside Vercel (admin route gated by Bearer auth, a build-time script, or a cron). It cannot run from the operator's laptop with a locally-populated .env.local. A team that doesn't know this writes a local script first, sees the Sensitive flag, then has to refactor the script into an admin route. The refactor adds auth-gating, a Server Action shape, and a deploy round-trip.
Expected behaviour
Both vercel:env-vars and vercel:knowledge-update should mention the Sensitive flag and its run-inside-Vercel implication. A worked example showing the admin-route shape (Bearer + CRON_SECRET, returns JSON, idempotent) would prevent the laptop-script-first detour entirely.
Steps to reproduce
- Create a Vercel project, install any Marketplace integration that writes env vars (e.g. Supabase).
- vercel env pull --environment=production .env.production against the project.
- Inspect the pulled file: the Marketplace-injected secrets show placeholder values, not real ones.
- Try to read the value via vercel env API: same placeholder.
- Try to write a Node script using the real secret from .env.local: fails to authenticate against the underlying service.
- The only viable path is to run the script inside Vercel's runtime where the real secret is injected.
Workaround
Skip the local-script step entirely on any task that touches Marketplace-managed secrets. Write the admin route first, deploy, invoke via cron or a one-shot POST with Bearer.
Context
Surfaced during a third-party-API end-to-end buildout that initially used a local launch script. Local script failed because it needed a Marketplace-injected secret. Refactored into a gated admin route in the same session.
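
The admin-route shape the report asks for (Bearer check against CRON_SECRET, JSON response, idempotent), as an added example that is not from the Vercel plugin or its skills. The function names, the x-idempotency-key header, the MARKETPLACE_SECRET variable and the in-memory store are assumptions made for illustration.

```javascript
// Added example, not Vercel's code. Function names, the x-idempotency-key
// header and MARKETPLACE_SECRET are hypothetical.
const enc = new TextEncoder();

// Constant-time string compare without node:crypto, so it is runtime-agnostic.
function safeEqual(a, b) {
  const x = enc.encode(a), y = enc.encode(b);
  let diff = x.length ^ y.length;
  for (let i = 0; i < Math.max(x.length, y.length); i++) {
    diff |= (x[i] ?? 0) ^ (y[i] ?? 0);
  }
  return diff === 0;
}

// Fail closed: an unset CRON_SECRET must not match "Bearer undefined".
function authorize(header, secret) {
  if (!secret || typeof header !== "string") return false;
  return safeEqual(header, `Bearer ${secret}`);
}

// Stand-in for a durable store (DB row, KV key); a Map does not survive
// across serverless instances.
const completed = new Map();

// Core logic, kept free of Request/Response so it can be tested directly.
function handle({ authorization, key }, env, job, store = completed) {
  if (!authorize(authorization, env.CRON_SECRET)) {
    return { status: 401, body: { error: "unauthorized" } };
  }
  if (!key) return { status: 400, body: { error: "missing idempotency key" } };
  if (store.has(key)) return { status: 200, body: { ...store.get(key), replayed: true } };
  const result = job(env); // runs where the real secret value is injected
  store.set(key, result);
  return { status: 200, body: { ...result, replayed: false } };
}

// Constructed job: reports that the secret is present, never echoes it.
const sampleJob = (env) => ({ ok: true, secretPresent: Boolean(env.MARKETPLACE_SECRET) });

// Route handler shape; in a Next.js route file this function would be exported.
function POST(request) {
  const { status, body } = handle({
    authorization: request.headers.get("authorization"),
    key: request.headers.get("x-idempotency-key"),
  }, process.env, sampleJob);
  return new Response(JSON.stringify(body), {
    status, headers: { "content-type": "application/json" },
  });
}
```

The response body only reports whether the secret was present, so a Sensitive value never leaves the runtime through the route's own output.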