render-monitor

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes external log and database data.
  • Ingestion points: Data enters the agent context through list_logs() and query_render_postgres() which retrieve external content from Render.
  • Boundary markers: No explicit delimiters are instructed for untrusted external data to prevent the agent from obeying instructions embedded in logs or database results.
  • Capability inventory: The skill provides access to high-impact capabilities including arbitrary SQL execution and shell access via render ssh.
  • Sanitization: There is no evidence of sanitization or validation of the data retrieved from Render before processing.
  • [COMMAND_EXECUTION]: The skill utilizes the render CLI for administrative functions such as log streaming and establishing SSH sessions for live debugging, which are standard operations for the platform.
  • [EXTERNAL_DOWNLOADS]: The skill references configuration of the Render MCP server at the official domain https://mcp.render.com/mcp, which is a well-known service provider domain.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 06:39 PM
Security Audit — agent-trust-hub — render-monitor