render-deploy
Fail
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the Render CLI installation script from the official Render-oss GitHub repository, which is a well-known service provider.
- [REMOTE_CODE_EXECUTION]: Installs the Render CLI by executing a shell script retrieved from Render's official repository via a piped shell command.
- [COMMAND_EXECUTION]: Runs local shell commands including
gitandrenderto validate configurations, manage deployments, and analyze project files. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and parses untrusted local project files (e.g.,
package.json,requirements.txt,go.mod) to determine deployment settings without implementing sanitization or boundary markers. - [PROMPT_INJECTION]: The instructions explicitly direct the agent to request escalated sandbox permissions (
sandbox_permissions=require_escalated) if network access is restricted, which involves bypassing default security constraints.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh - DO NOT USE without thorough review
Audit Metadata