render-monitor
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes external log and database data.
- Ingestion points: Data enters the agent context through
list_logs()andquery_render_postgres()which retrieve external content from Render. - Boundary markers: No explicit delimiters are instructed for untrusted external data to prevent the agent from obeying instructions embedded in logs or database results.
- Capability inventory: The skill provides access to high-impact capabilities including arbitrary SQL execution and shell access via
render ssh. - Sanitization: There is no evidence of sanitization or validation of the data retrieved from Render before processing.
- [COMMAND_EXECUTION]: The skill utilizes the
renderCLI for administrative functions such as log streaming and establishing SSH sessions for live debugging, which are standard operations for the platform. - [EXTERNAL_DOWNLOADS]: The skill references configuration of the Render MCP server at the official domain
https://mcp.render.com/mcp, which is a well-known service provider domain.
Audit Metadata