When a software engineer opened Claude Code to work on a routine script, the interface suddenly asked whether prompt data could be shared. The request appeared despite the project containing no Vercel configuration files or dependencies, prompting the developer to dig into the plugin’s source code.

What the engineer found was a telemetry consent mechanism that does not behave like a typical UI element. Instead, the Vercel plugin injects instructions directly into Claude’s system context. Those instructions ask the user a question and then run shell commands based on the response, making the interaction indistinguishable from a native Claude feature.

Beyond the prompt, the plugin collects a surprising amount of data. Session‑level telemetry includes device identifiers, operating system details, detected frameworks and installed CLI versions. More concerning, every Bash command executed within Claude Code is captured in full and transmitted to Vercel’s servers. The data can expose file paths, environment variables and other infrastructure details that developers typically consider private.

The plugin’s documentation states that “anonymous usage data” is collected by default, while prompt text requires explicit approval. In practice, however, many telemetry categories remain active unless the user manually disables them. The disabling options are hidden inside the plugin directory and involve setting environment variables or editing configuration files—steps that are not surfaced during the initial setup.

Code inspection shows that the telemetry system operates across all projects, regardless of whether they relate to Vercel services. Although the plugin’s detection logic scans for Vercel configuration files, the gating mechanism that should limit data collection is never applied. As a result, the telemetry runs universally, collecting data even in unrelated code bases.

Removing the device identifier file or disabling the plugin altogether also halts data transmission, but these actions are not advertised to users. The lack of clear opt‑in or opt‑out controls contrasts sharply with the consent prompt presented for prompt sharing, leaving developers uncertain about what information is being sent.

TechRadar Pro reached out to Vercel for comment on the findings. At the time of publishing, the company had not responded.

Used: News Factory APP - news discovery and automation - ChatGPT for Business