render-cli

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides a command to download and execute an installation script directly from the vendor's GitHub repository (https://raw.githubusercontent.com/render-oss/cli/refs/heads/main/bin/install.sh | sh). This is the official installation method for the tool.
  • [COMMAND_EXECUTION]: The CI/CD example uses sudo to move the downloaded CLI binary to /usr/local/bin. This is a routine operation for software installation in automated environments.
  • [DATA_EXPOSURE]: The skill references the configuration file ~/.render/cli.yaml, which stores authentication tokens. This is the standard local storage path for the tool's credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill enables the agent to read external data that could contain malicious instructions.
      • Ingestion points: Commands like render logs and render psql ingest potentially untrusted data from service logs and database queries into the agent's context.
      • Boundary markers: The provided instructions do not include specific delimiters or warnings to ignore instructions found within logs or database output.
      • Capability inventory: The agent can execute shell commands, manage services, and access databases via the render CLI.
      • Sanitization: There is no evidence of sanitization for the data retrieved from logs or database queries before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 01:40 PM