render
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: deploy-on-render Version: 3.0.0 The skill bundle is designed to deploy and manage applications on Render. It instructs the AI agent to perform actions such as modifying local files (`render.yaml`), interacting with Git (`git add`, `git commit`, `git push`), making network requests to the Render API (`curl` with `RENDER_API_KEY`), and executing external tools (`render CLI`, `mcporter`). While these capabilities are high-risk, they are all explicitly aligned with the skill's stated purpose of deploying to Render. The `SKILL.md` instructions do not contain evidence of intentional harmful behavior like exfiltrating credentials to unrelated endpoints, establishing persistence, or malicious prompt injection against the agent to subvert its purpose. The use of `RENDER_API_KEY` is for its intended purpose with the Render API, and security best practices (e.g., `sync: false` for secrets) are advised.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could create or redeploy Render resources in the user's account, potentially exposing an app publicly or incurring cloud costs if the user has not reviewed the exact action.
This selects direct API/MCP deployment when a token is present and explicitly removes the dashboard click, while the artifacts do not require a final user approval before account-changing cloud actions.
If `RENDER_API_KEY` is set → Prefer REST API or MCP (fastest; no user click).
Require explicit user confirmation before any POST/create/redeploy operation, including the target workspace, repository, branch, plan, region, environment variables, and estimated cost.
A valid Render API key may let the agent inspect workspaces and create or manage services depending on the token's permissions.
The skill uses a Render bearer token to list account/workspace owners and perform service operations. This is expected for Render deployment, but it is privileged account access.
curl -s "https://api.render.com/v1/owners" \ -H "Authorization: Bearer $RENDER_API_KEY"
Use a least-privilege Render key where possible, set it only for sessions that need deployment, and review any proposed account changes before allowing execution.
Deployment details and account-authorized actions may pass through the Render MCP integration rather than only local files or the dashboard.
The skill can route deployment actions and credentials through an external MCP server via mcporter. The endpoint is disclosed and purpose-aligned, but it expands the data/control path.
Render provides an official MCP server at **`https://mcp.render.com/mcp`**... `mcporter call render.create_web_service` ... Auth: set `RENDER_API_KEY` in the environment
Use MCP only when the user has configured and trusts that integration, and confirm which MCP tool will be called before creating or changing services.