Render Deploy
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the agent could create or modify cloud services or deployment configuration in your Render workspace.
The skill can direct an agent to create Render services and update environment variables, which are account-mutating deployment actions.
`list_services`, `create_web_service`, `update_environment_variables`, and `list_deploys` map to Render MCP operations
Review the planned service name, repo, branch, plan, region, and environment variables before approving provisioning or updates.
A valid Render credential gives the agent delegated access to perform deployment and workspace operations.
The skill requires a Render API key or authenticated Render CLI session to act in the user's Render account.
Required env vars: RENDER_API_KEY ... Primary credential: RENDER_API_KEY
Use a properly scoped Render API key where possible and avoid sharing unrelated credentials; rotate the key if you no longer need the integration.
Installing the CLI adds a third-party local binary that the agent may use for deployment operations.
The install path depends on the external Render CLI package installed through Homebrew.
brew | formula: render | creates binaries: render
Install the Render CLI from the expected trusted package source and keep it updated.
Local memory may retain project names, workspace choices, repository/deployment context, and environment-variable names that influence later deployments.
The skill can persist deployment context locally for reuse across future sessions.
Store durable context only: ... Workspace and method preference ... Stable env var inventory (names and ownership, not secret values unless user asks)
Allow memory only if you want persistent deployment context, and do not store secret values there unless you explicitly intend to.
Deployment configuration and workspace-scoped metadata may be sent to Render's MCP service during direct provisioning.
The skill discloses an MCP-based provisioning path that sends service configuration and workspace metadata to Render.
https://mcp.render.com | Service creation/config requests and workspace-scoped metadata | MCP direct provisioning
Confirm the selected Render workspace and service configuration before using MCP direct creation.