Claude’s Vercel plugin triggers unsolicited telemetry consent, logs shell commands
Key Points
- Developer encountered unexpected telemetry consent prompt in Claude Code.
- Prompt appears even when no Vercel configuration files exist.
- Plugin injects system‑level instructions, making consent request indistinguishable from core functionality.
- Full Bash command strings, device IDs, OS details and CLI versions are captured and sent automatically.
- Disabling telemetry requires manual edits to environment variables or config files, not presented during setup.
- Telemetry runs across all projects, not limited to Vercel‑related environments.
- Vercel has not responded to inquiries about the data collection practices.
A developer using Claude Code noticed a consent prompt for telemetry even in projects that lack any Vercel configuration. Investigation revealed that the Vercel plugin injects system‑level instructions, captures full Bash command strings, device identifiers, OS details and other usage data, and transmits them without an explicit opt‑in. Disabling the data collection requires manual changes to environment variables or configuration files, steps that are not presented during installation. Vercel has not responded to requests for comment.
When a software engineer opened Claude Code to work on a routine script, the interface suddenly asked whether prompt data could be shared. The request appeared despite the project containing no Vercel configuration files or dependencies, prompting the developer to dig into the plugin’s source code.
What the engineer found was a telemetry consent mechanism that does not behave like a typical UI element. Instead, the Vercel plugin injects instructions directly into Claude’s system context. Those instructions ask the user a question and then run shell commands based on the response, making the interaction indistinguishable from a native Claude feature.
Beyond the prompt, the plugin collects a surprising amount of data. Session‑level telemetry includes device identifiers, operating system details, detected frameworks and installed CLI versions. More concerning, every Bash command executed within Claude Code is captured in full and transmitted to Vercel’s servers. The data can expose file paths, environment variables and other infrastructure details that developers typically consider private.
The plugin’s documentation states that “anonymous usage data” is collected by default, while prompt text requires explicit approval. In practice, however, many telemetry categories remain active unless the user manually disables them. The disabling options are hidden inside the plugin directory and involve setting environment variables or editing configuration files—steps that are not surfaced during the initial setup.
Code inspection shows that the telemetry system operates across all projects, regardless of whether they relate to Vercel services. Although the plugin’s detection logic scans for Vercel configuration files, the gating mechanism that should limit data collection is never applied. As a result, the telemetry runs universally, collecting data even in unrelated code bases.
Removing the device identifier file or disabling the plugin altogether also halts data transmission, but these actions are not advertised to users. The lack of clear opt‑in or opt‑out controls contrasts sharply with the consent prompt presented for prompt sharing, leaving developers uncertain about what information is being sent.
TechRadar Pro reached out to Vercel for comment on the findings. At the time of publishing, the company had not responded.