Official (Vendor)★ 4.1by Vercel

Vercel

Vercel deployments, projects, env vars from Claude. Hosted MCP available via the Vercel dashboard, no separate package install.

Homepage

Safety & Trust

Delv Safety Grade: A

Score 83/100 · assessed 2026-04-28

Maintainer95

Permissions75

Supply chain70

Transparency75

Incidents100

Vercel's official MCP server provides direct access to deployment management, project configuration, and environment variables through Claude. As a first-party integration from a major cloud platform vendor, it benefits from strong organisational backing and professional maintenance. The hosted model eliminates traditional supply chain risks since there's no package to install, though this also means less transparency into the implementation. Permissions are moderately scoped: it can read and write deployment configs, environment variables (including secrets), and project settings within your Vercel account. The VERCEL_TOKEN requirement grants broad access to your entire Vercel organisation, which is appropriate for the functionality but represents meaningful privilege. No security incidents are known. The main limitation is documentation transparency, as the hosted nature means you cannot inspect the server code directly.

Lethal Trifecta (prompt-injection exposure)

TWO OF THREE

Private dataYes

Reads secrets, credentials, private files

Untrusted inputNo

Ingests web pages, PRs, issues, emails

External commsYes

Can send data outbound

Project secrets private; deployment API outbound; build logs can carry untrusted strings (push to 3/3 if you read them).

Green flags

Official first-party integration from major cloud vendor (Vercel)
Hosted model eliminates npm/pypi supply chain attack surface
No local installation or dependency management required
Clear use case: deployment and infrastructure management
Professional vendor with strong security track record

Red flags

VERCEL_TOKEN grants full account access, not scoped to specific projects
Hosted implementation means no source code inspection possible
Can modify production environment variables including secrets
Documentation appears limited compared to open-source MCP servers

Permissions requested

Outbound networkAccess secretsIdentity readIdentity writeRepo readRepo write

Assessed by Delv Editorial using public metadata. Grades are advisory and update as the ecosystem changes. They do not replace your own review of permissions and code before granting an agent access to sensitive systems.

Review

This is Vercel's official MCP server for managing deployments, projects, and environment variables directly from Claude. It's a narrow tool with a clear job: let you inspect and manipulate your Vercel infrastructure without leaving your editor or chat window. I'd reach for this when I'm debugging a deployment issue mid-conversation with Claude, or when I need to quickly check which environment variables are set across staging and production. The workflow is straightforward: ask Claude to list your projects, inspect a specific deployment's status, or update an env var. It pairs naturally with Vercel's AI SDK MCPs if you're building agent workflows that need to introspect their own hosting setup. The big caveat is that this only works if you're already on Vercel. If you're hosting elsewhere, this does nothing for you. It also requires a Vercel API token, which means you're granting Claude fairly broad access to your account. That's fine for personal projects, but think twice before handing this to a shared team workspace. The official vendor status is reassuring. Vercel maintains this, so it should stay in sync with their API. But the lack of a public repo means you can't inspect the code or contribute fixes. You're trusting Vercel's implementation entirely. The real value shows up in agent dev flows. If you're building an AI app with the Vercel AI SDK and want your agent to self-diagnose deployment issues or check its own environment config, this closes the loop. Without it, you'd be context-switching to the Vercel dashboard constantly. It's not a must-have for everyone. If you only deploy once a week and don't mind opening a browser tab, skip it. But if you're iterating fast on Vercel-hosted projects and want deployment state visible to Claude, it's a clean addition. Just know you're adding another API key to your config and another surface area for mistakes.

Verdict

Install this if you deploy to Vercel frequently and want Claude to inspect or tweak your infrastructure without leaving the conversation. Skip it if you're not on Vercel, or if you prefer keeping deployment operations in a browser. The official vendor status and tight SDK integration make it a solid choice for agent developers on the platform.

Good at

Official Vercel implementation means it stays current with their API and won't break on platform updates.
Pairs cleanly with Vercel AI SDK MCPs for full-stack agent development workflows.
Lets you inspect deployment status and env vars without context-switching to a browser.
Supports all major Claude hosts plus Cursor, Windsurf, Cline, and Zed.

Watch out

Useless if you're not hosting on Vercel, making it a very narrow tool.
No public repo means you can't audit the code or submit fixes yourself.
Requires handing Claude a Vercel API token with potentially broad account access.
Manual configuration needed for hosts beyond Claude Desktop despite broad support claims.

Getting started

1. Generate a Vercel API token from your account settings at vercel.com/account/tokens with appropriate scopes for reading projects and deployments. 2. Add the MCP server to your Claude Desktop or editor config, passing the token as VERCEL_TOKEN in the environment variables section. 3. Restart your host application and verify by asking Claude to list your Vercel projects or describe a recent deployment. 4. Watch out for token scope: if Claude can't see certain projects, you may need to regenerate the token with broader permissions. 5. Test updating an environment variable on a non-production project first to confirm write operations work as expected.

Works with

Claude DesktopClaude CodeCursorWindsurfClineZed