Deno Deploy
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent Deno Deploy helper, but it can publish public sites and create Deno projects using stored credentials without requiring explicit deployment confirmation.
Install only if you want the agent to deploy apps to your Deno account. Before each deployment, confirm the exact code, project name, Deno organization, and that the result will be publicly accessible at a deno.dev URL.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A page or app could be published to the internet and a Deno project could be created in the user's account when the user only asked to build or draft something.
This expands deployment beyond explicit publish requests and proceeds to create a public project/upload code without requiring a clear user confirmation step.
Also trigger when the user asks to build a web page, interactive app, or HTML project that would benefit from a live URL... The script will: 1. Create a new Deno Deploy project 2. Upload the code 3. Print the live URL
Require explicit user approval before running the deploy script, and show the project name, code file, destination account/org, and public URL behavior before deployment.
Anyone running the skill needs to understand that it uses account credentials with authority to create Deno Deploy resources.
The script uses a local Deno access token and organization ID to create projects and deployments in the user's Deno account.
CONFIG_DIR = os.path.expanduser("~/.config/deno-deploy") ... token = open(token_path).read().strip() ... api_request("POST", f"/organizations/{org_id}/projects", token, body)Use a dedicated, least-privilege Deno token if available, protect the config files, and revoke or rotate the token if the workspace is shared or compromised.