Summary

When the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the user authenticated via --token or -t on the command line, the token value is included verbatim in those suggestions.

Conditions

All three must be true for the token to appear in output:

1. Token passed as a CLI argument (--token / -t). The VERCEL_TOKEN environment variable is not affected.
2. Non-interactive mode is active (explicit flag or AI agent auto-detection).
3. The command cannot complete on its own (e.g. missing --yes, ambiguous scope, API errors). Successful commands produce no suggestion output.

Impact

The plaintext token may be captured in CI/CD logs, agent transcripts, or other automation output.

Remediation

• Upgrade to the patched version.
• If developers have previously used --token with --non-interactive in their applications, review logs for exposed tokens and rotate them.
• Prefer VERCEL_TOKEN environment variable for authentication.