render-migrate-from-heroku
Fail
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Render CLI installation script from the vendor's official GitHub repository (https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh). This is documented as a trusted vendor resource for setting up the migration environment.
- [COMMAND_EXECUTION]: Orchestrates the execution of data migration tools including pg_dump, pg_restore, and redis-cli. These commands are generated based on the application's configuration and presented to the user for review before execution.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it parses untrusted local project files to drive the migration workflow.
  - Ingestion points: SKILL.md (Step 1a) instructs the agent to read Procfile, package.json, and other dependency files from the local repository.
  - Boundary markers: The instructions include a 'Migration Workflow' rule to 'Present findings to the user and get confirmation before creating any resources'.
  - Capability inventory: The skill uses the Render CLI, database utilities, and Render/Heroku MCP tools to perform deployments and data transfers.
  - Sanitization: Relies on manual user verification of the 'Migration Plan Table' generated in references/preflight-checklist.md before any action is taken.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh - DO NOT USE without thorough review
Audit Metadata