Netlify Deploy
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: netlify-deploy Version: 1.0.0 The OpenClaw AgentSkills skill bundle for Netlify deployment is classified as benign. All files (SKILL.md, cli-commands.md, deployment-patterns.md, memory-template.md, netlify-toml.md, setup.md) consistently focus on safe and standard Netlify CLI operations. SKILL.md explicitly outlines security and privacy, stating what data leaves the machine (Netlify deploy artifacts, auth data to Netlify) and what stays local, and explicitly denies storing secrets, running undeclared external services, or modifying unrelated directories. The instructions for the AI agent in SKILL.md and setup.md prioritize preview deploys, require explicit user confirmation for production, and guide the agent to verify paths and authentication, indicating a strong emphasis on safety and preventing accidental or malicious actions. While cli-commands.md lists Netlify CLI commands including `npx netlify env:import .env`, this is a standard Netlify feature for managing site environment variables, and the skill provides no instructions for the agent to misuse it for local data exfiltration or other malicious purposes. No evidence of prompt injection for malicious intent, data exfiltration to unauthorized endpoints, persistence mechanisms, or obfuscation was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run against the wrong site, directory, or account, a production deploy could publish unintended changes.
Production deploys can change a live public site, but the artifact includes a clear preview-first and explicit-confirmation guardrail.
Use `npx netlify deploy --prod` only when the user explicitly requests production or confirms readiness.
Keep the preview-first workflow, verify the Netlify site/team and build output, and require explicit user confirmation before any production deploy.
Misuse could overwrite deployment configuration or expose secret values to the Netlify account where they are imported.
The command reference includes Netlify environment-variable operations, including importing a local .env file, which can mutate hosted configuration and send sensitive values to Netlify if used.
npx netlify env:set KEY value npx netlify env:get KEY npx netlify env:import .env
Run environment-variable commands only when explicitly requested, confirm the target site/team/context, and avoid printing or storing secret values in skill memory.
Commands may act with the privileges of the logged-in Netlify user and selected team.
The skill uses the user's Netlify login/session to authenticate CLI actions; this is expected for deployment, but it grants actions under the active Netlify account.
If not authenticated, run `npx netlify login` ... Auth/session data is exchanged with Netlify during `npx netlify login`.
Before deploying, confirm the active Netlify account/team and log out or relink if the CLI is authenticated to the wrong workspace.
CLI behavior and versioning come from the external Netlify CLI environment rather than this instruction-only skill.
The skill depends on invoking the Netlify CLI through npx rather than bundled or pinned code; this is central to the stated purpose but relies on trust in the external CLI package.
npx netlify status
Use the official Netlify CLI, consider pinning or preinstalling a known version for reproducible deployments, and avoid running npx commands from untrusted project directories.
Incorrect saved defaults could steer future deploys toward the wrong project, path, or deploy mode.
The skill persists deployment defaults and project context for future use; this is purpose-aligned, but persistent defaults can become stale or be over-trusted.
Store integration preferences in main memory. ... In `~/netlify-deploy/memory.md`, keep: Preferred default deploy mode ... Frequent project paths and common publish directories
Store only non-secret operational preferences, review the memory file when projects change, and keep production deploy confirmation explicit.