Trust Assessment
render-deploy received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 1 critical, 3 high, 1 medium, and 1 low severity. Key findings include Explicit Request for Escalated Sandbox Permissions, Potential Command Injection via API Key Interpolation, Potential Command Injection via API Key Environment Variable.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety and static_code_analysis. The llm_behavioral_safety layer scored lowest at 16/100, the weakest of the four, and is where the findings below concentrate.
Last analyzed on February 11, 2026 (commit f4b5c7d6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Detail | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Explicit Request for Escalated Sandbox Permissions | The skill explicitly instructs the agent to rerun with `sandbox_permissions=require_escalated`, a direct request for elevated privileges that would let a compromised or misused agent act outside its intended scope. Avoid `require_escalated` unless it is strictly necessary and justified in the skill text; where it is required, apply strict input validation and least privilege to every operation that follows. | Unknown | SKILL.md:30 |
| HIGH | Potential Command Injection via API Key Interpolation | The skill instructs the agent to build shell commands by interpolating a user-supplied API key (shown as `<YOUR_API_KEY>`) into the command string without sanitization or escaping. A value containing shell metacharacters such as `"`, `;` or `$(...)` is then parsed as part of the command and can execute arbitrary commands. Validate the key against its expected format before use and hand it to the command through an environment variable or a parameterized invocation rather than by string interpolation; where interpolation is unavoidable, use a library function that performs the escaping. | Unknown | SKILL.md:149 |
| HIGH | Potential Command Injection via API Key Environment Variable | The skill instructs the agent to set an environment variable from a user-provided key: `export RENDER_API_KEY="rnd_xxxxx"`. If the agent substitutes the key into that line and then evaluates it, the value is parsed as shell. Double quotes do not neutralise `$(...)`, backticks or `$VAR`, and a key containing `"` can close the quotes so that a following `;` starts a new command. Validate the key's format first and assign it directly (or single-quoted) instead of constructing and evaluating the `export` line. | Unknown | SKILL.md:177 |
| HIGH | Unpinned Remote Script Execution (Supply Chain Risk) | The skill instructs the agent to install software by piping a script fetched from a remote URL (`https://raw.githubusercontent.com/...`) straight into `sh`, with no version pinning and no integrity check, so a compromised or silently changed script runs unverified. Avoid piping remote scripts to a shell. If remote installation is necessary, prefer a package manager that verifies checksums (Homebrew, which the skill also suggests, checks the SHA-256 of what it installs), or download the script to a file, compare it against a recorded SHA-256, and only then execute it. Pin the URL to a specific commit or release rather than a branch so that the content cannot change underneath the hash. | Unknown | SKILL.md:128 |
| MEDIUM | Instructions for Installing System-Wide Software | The skill instructs the agent to install software with `brew install` or `curl \| sh`. These operations modify the host environment, and some installers escalate with `sudo`, which widens the blast radius if the source is compromised or the agent is misused. Minimize instructions that install software on the host; where necessary, ensure the source is trusted and verified, and consider a container or virtual environment to isolate the dependencies. | Unknown | SKILL.md:126 |
| LOW | Handling of Sensitive API Keys | The skill instructs the agent to obtain and configure Render API keys, including writing them to a file (`~/.cursor/mcp.json`) and passing them in commands. This is not credential harvesting, but it handles highly sensitive material, and the skill does not specify secure storage (file permissions) or logging hygiene, so a careless agent implementation could expose the key. Add explicit instructions to create the configuration file with owner-only permissions (`chmod 600`, or write it under `umask 077`), to keep the key out of logs and command lines, and to use a credential manager where one is available. | Unknown | SKILL.md:139 |
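The following POSIX shell script is an added example, not code from the render-deploy skill, Render, Cursor or SkillShield. It shows the hardened counterpart of three of the patterns flagged above in one place: allow-listing the key's format and assigning it without re-parsing it as shell (the two command-injection findings), writing the `mcp.json` file so that only the owner can read it (the credential-handling finding), and pinning and hash-checking a remote installer instead of piping it to `sh` (the supply-chain and system-wide-install findings). It assumes that Render keys look like `rnd_` followed by `[A-Za-z0-9_]`, that `mcp.json` carries the key under `mcpServers.render.env`, and that the skill would record the installer's SHA-256 next to a commit-pinned URL; the hostile key and the installer it runs are constructed inline so the script runs offline.

```shell
#!/bin/sh
# Added example, not code from the render-deploy skill, Render, Cursor or
# SkillShield. Assumptions: Render keys look like `rnd_` + [A-Za-z0-9_]
# (adjust to the real format), the mcp.json layout below, and the pinned hash.
set -u

# --- Command injection: never re-parse a credential as shell -----------------
# Vulnerable pattern: the agent builds `export RENDER_API_KEY="<key>"` as a
# string and evals it, so a key containing $(...) runs as a command.
unsafe_export() {
  eval "export RENDER_API_KEY=\"$1\""
}

# Allow-list the shape of the key before it is used anywhere.
valid_render_key() {
  case "$1" in rnd_?*) ;; *) return 1 ;; esac
  # Delete every permitted character; anything left over is disallowed.
  [ -z "$(printf '%s' "${1#rnd_}" | LC_ALL=C tr -d 'A-Za-z0-9_')" ]
}

# Hardened pattern: validate, then assign directly. A plain assignment never
# re-parses its right-hand side, so metacharacters stay literal. The error
# message deliberately does not echo the rejected value.
safe_export() {
  valid_render_key "$1" || { echo "rejected: value is not a Render API key" >&2; return 1; }
  RENDER_API_KEY=$1
  export RENDER_API_KEY
}

# --- Credential storage: config file readable by the owner only -------------
write_mcp_config() {
  # $1 = validated key, $2 = destination (e.g. ~/.cursor/mcp.json).
  valid_render_key "$1" || return 1
  mkdir -p "$(dirname "$2")"
  # umask in a subshell: the file is created 0600, so there is no window in
  # which it is group/world readable before a later chmod.
  ( umask 077
    printf '{"mcpServers":{"render":{"env":{"RENDER_API_KEY":"%s"}}}}\n' "$1" > "$2" )
  # Truncating an existing file keeps its old mode, so enforce 0600 anyway.
  chmod 600 "$2"
}

# Permission string as `ls -l` prints it (portable across GNU and BSD stat).
file_mode() { ls -l "$1" | cut -c1-10; }

# --- Supply chain: pin and verify a remote installer before running it ------
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
  else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

run_verified_script() {
  # $1 = downloaded installer, $2 = SHA-256 recorded alongside the pin.
  # Fetch from a commit-pinned URL, never a branch name, e.g.
  #   curl -fsSLo "$1" https://raw.githubusercontent.com/OWNER/REPO/COMMIT_SHA/install.sh
  # (hypothetical path; this demo uses a local file and performs no download).
  actual=$(sha256_of "$1")
  if [ "$actual" != "$2" ]; then
    echo "refusing to run $1: sha256 $actual does not match pinned $2" >&2
    return 1
  fi
  sh "$1"
}

# --- Demo with a constructed installer and a constructed hostile key --------
demo() {
  tmp=$(mktemp -d)
  printf '#!/bin/sh\necho installed\n' > "$tmp/install.sh"
  pinned=$(sha256_of "$tmp/install.sh")        # what the skill would record
  run_verified_script "$tmp/install.sh" "$pinned"
  run_verified_script "$tmp/install.sh" deadbeef || echo "tampered installer blocked"

  hostile='rnd_$(echo INJECTED)'               # constructed, not a real key
  unsafe_export "$hostile"
  echo "after unsafe_export the variable holds: $RENDER_API_KEY"   # rnd_INJECTED
  safe_export "$hostile" || echo "hostile key blocked"

  safe_export rnd_abc123 && write_mcp_config "$RENDER_API_KEY" "$tmp/mcp.json"
  file_mode "$tmp/mcp.json"                    # -rw-------
  rm -rf "$tmp"
}
demo
```

The allow-list check is the load-bearing piece: once the value is known to contain only `[A-Za-z0-9_]`, it is safe to place in an `export`, a JSON file or a command line, and the direct assignment in `safe_export` means nothing is ever re-parsed even if that check were loosened. For the installer, the hash check only helps if the recorded SHA-256 was taken from a reviewed copy and the URL points at an immutable commit; a hash recorded against a branch URL is just a way to notice that the script has changed.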
Full report: https://skillshield.io/report/190f51c94e06de70
Powered by SkillShield