render-deploy
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (CRITICAL): The skill implements a piped remote script execution pattern, which downloads and executes external code without verification.
- Evidence: Automated detection of
curl -fsSL https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh | sh. - Risk: Piped execution allows the remote repository owner to execute arbitrary commands on the host. The source
render-ossis not included in the Trusted GitHub Organizations list. - PROMPT_INJECTION (LOW): The skill has an indirect prompt injection surface through its codebase analysis features.
- Ingestion points: The skill reads various project manifest files (e.g.,
package.json,requirements.txt,go.mod) as described inreferences/codebase-analysis.md. - Boundary markers: Absent; no delimiters or ignore-instructions are specified to protect against malicious content in these files.
- Capability inventory: High-privilege actions including cloud resource creation and environment variable management via MCP tools.
- Sanitization: Absent; the skill does not validate or sanitize inputs extracted from the target codebase.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata