ClawHub

Render Deploy

v1.0.0

Deploy applications on Render with codebase analysis, render.yaml Blueprint generation, MCP direct provisioning, and post-deploy verification.

0· 391·5 current·5 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Render deployment, render.yaml, MCP provisioning) match the declared binaries (git, Render CLI), primary credential (RENDER_API_KEY), and required config path (~/render-deploy/). All requested items are reasonable for performing Render deployments.
Instruction Scope
SKILL.md confines actions to repository inspection, Render CLI/MCP/API calls, and local memory under ~/render-deploy/. It explicitly forbids scanning unrelated credentials or calling undeclared endpoints. The flows (blueprint, direct creation, validation, verification) are deployment-focused and do not ask for unrelated system access.
Install Mechanism
Install is a single Homebrew formula for the Render CLI (reasonable). Minor portability note: the install spec only lists brew; while brew works on macOS and many Linux systems, Windows users may need an alternative installer—this is an operational mismatch, not a security issue.
Credentials
Only RENDER_API_KEY is required as the primary credential and env-var access is limited to deployment-relevant variables. The skill documents that secret values are stored only with explicit consent; no unrelated tokens or system credentials are requested.
Persistence & Privilege
The skill stores optional local memory under ~/render-deploy/ but requires user consent before creating files; always:false and normal autonomous invocation are used. This is appropriate, but users should review what they consent to store (deployment notes, env variable names).
Assessment
This skill appears coherent and focused on Render deployments. Before installing: 1) Be prepared to provide a Render API key—prefer a least-privilege key or a scoped service token rather than a full personal token. 2) Expect the skill to ask for consent before creating ~/render-deploy/; review contents if created (it may store deployment notes and env var names). 3) Confirm you’re comfortable with the Render endpoints listed (dashboard.render.com, mcp.render.com, api.render.com). 4) If you run on Windows, note the install spec uses Homebrew—ensure you have an appropriate Render CLI installer for your platform. 5) As with any deployment tool, review proposed render.yaml and commit/push actions before they run to avoid unintended configuration changes.

Like a lobster shell, security has layers — review code before you run it.

latestvk970wtdtbm18ry2h2a56c4j5z981z3v8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🚀 Clawdis
OSLinux · macOS · Windows
Binsgit, render
EnvRENDER_API_KEY
Config~/render-deploy/
Primary envRENDER_API_KEY

Install

Install Render CLI (Homebrew)
Bins: render
brew install render

SKILL.md

Setup

On first use, read setup.md for integration guidelines. If local memory is needed, ask for consent before creating ~/render-deploy/.

When to Use

Use this skill when the user wants to deploy, publish, or host an application on Render and needs reliable deployment execution instead of generic advice. Activate for render.yaml Blueprint generation, MCP direct service creation, runtime configuration checks, and post-deploy triage.

Architecture

Memory lives in ~/render-deploy/. See memory-template.md for setup.

~/render-deploy/
|- memory.md                  # Stable preferences and integration choices
|- deployment-notes.md        # Project-level deployment decisions
|- env-inventory.md           # Required env vars and source of truth
`- incident-log.md            # Deploy failures and resolved fixes

Quick Reference

Load only the minimum file needed for the current request.

TopicFile
Setup processsetup.md
Memory templatememory-template.md
Codebase detection and commandscodebase-analysis.md
Blueprint workflow and render.yaml rulesblueprint-workflow.md
Authentication and MCP execution mappingdirect-creation.md
Startup and healthcheck troubleshootingtroubleshooting.md

Authentication Model

Before any provisioning command, confirm one of these is active:

  • RENDER_API_KEY is exported in the shell, or
  • Render CLI is authenticated (render whoami -o json)

For git-backed flows, require git and a valid remote URL. Do not attempt opaque credential discovery or unrelated environment inspection.

Core Rules

1. Classify the Deployment Path First

Before proposing commands, decide which path applies:

  • Git-backed deploy (Blueprint or Direct Creation)
  • Prebuilt Docker image deploy via Dashboard/API

If the repository has no remote, stop and ask the user to push a remote or switch to dashboard image deploy.

2. Choose Method by Complexity, Not Preference

Default decision:

  • Direct Creation when it is one simple service and no extra infra
  • Blueprint when there are multiple services, datastores, cron, workers, or reproducibility requirements

If uncertainty remains, ask one clarifying question and continue.

3. Verify Prerequisites Before Any Deploy Action

Run checks in this order:

  • git remote -v for source availability
  • MCP availability (list_services())
  • CLI fallback readiness (render --version, render whoami -o json)
  • Active workspace context (MCP or CLI)
  • Authentication presence (RENDER_API_KEY or authenticated CLI session)

Do not proceed to deployment steps when prerequisites are missing.

4. Treat render.yaml as Executable Infrastructure

When using Blueprint:

  • Declare all required env vars
  • Mark user-provided secrets with sync: false
  • Prefer plan: free unless user requests another plan
  • Match service type and runtime to the actual app behavior

After creating the file, validate before push.

5. Require Push Before Deeplink Handoff

Before sharing a Render Blueprint deeplink, confirm render.yaml is committed and pushed to the remote branch. If not pushed, the Dashboard flow will fail to discover the configuration.

6. Verify the Deployment and Close With Evidence

After deployment:

  • Confirm latest deploy status is live
  • Check health endpoint response
  • Review recent error logs
  • Validate required env vars and port binding (0.0.0.0:$PORT)

If failures exist, run one-fix-at-a-time triage from troubleshooting.md.

Common Traps

  • Starting deploy without a git remote -> Blueprint and MCP git-backed flows fail immediately.
  • Picking Direct Creation for multi-service systems -> Missing workers/datastores and fragmented setup.
  • Forgetting sync: false on secrets -> Broken deploys or accidental secret exposure in config.
  • Using localhost binding instead of 0.0.0.0:$PORT -> Health checks fail even when process is running.
  • Redeploying repeatedly without root-cause fix -> Noisy failures and delayed resolution.

External Endpoints

EndpointData SentPurpose
https://dashboard.render.comRepository URL, service config, env key namesBlueprint apply flow and dashboard provisioning
https://mcp.render.comService creation/config requests and workspace-scoped metadataMCP direct provisioning
https://api.render.comDeployment metadata, logs, service status (via CLI/API)Validation and operational checks

No other endpoints should be used unless the user requests an explicit integration.

Security & Privacy

Data that leaves your machine:

  • Repository URL and deployment metadata sent to Render services.
  • Environment variable names and provided values when the user explicitly sets them.

Data that stays local:

  • Preferences and deployment history in ~/render-deploy/ if the user accepts memory.
  • Local codebase inspection outputs and interim analysis notes.

This skill does NOT:

  • Read unrelated credentials outside the deployment context.
  • Scrape credentials from shell history, dotfiles, or unrelated config paths.
  • Send project files to undeclared third-party endpoints.
  • Run destructive infrastructure changes without explicit confirmation.

Trust

By using this skill, deployment metadata and selected configuration are sent to Render services. Only use it if you trust Render with this operational data.

Related Skills

Install with clawhub install <slug> if user confirms:

  • deploy - General deployment planning and release execution.
  • devops - CI/CD, infrastructure workflows, and ops coordination.
  • docker - Container packaging and runtime configuration.
  • ci-cd - Pipeline automation and release validation stages.
  • nodejs - Runtime-specific app configuration and startup tuning.

Feedback

  • If useful: clawhub star render-deploy
  • Stay updated: clawhub sync

Files

7 total
Select a file
Select a file to preview.

Comments

Loading comments…