render-deploy

Fail

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: HIGH
[EXTERNAL_DOWNLOADS] [REMOTE_CODE_EXECUTION] [COMMAND_EXECUTION] [DATA_EXFILTRATION] [PROMPT_INJECTION] [NO_CODE]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to download an installation script for the Render CLI from its official GitHub repository (github.com/render-oss). This is a legitimate dependency for the skill's purpose of managing Render deployments.
  • [REMOTE_CODE_EXECUTION]: The skill provides instructions for the piped execution of a remote shell script (curl | sh) to install the Render CLI. While this is a high-risk pattern, the source is the official repository of a well-known cloud service provider.
  • [COMMAND_EXECUTION]: The agent is directed to execute shell commands such as render --version, render whoami, render blueprints validate, and Git operations (git remote, git push). These are standard operations required for the skill's intended functionality.
  • [DATA_EXFILTRATION]: The skill analyzes the user's local codebase to extract environment variables and configuration requirements. While necessary for determining deployment settings, this access involves sensitive information like database connection strings and secrets.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its analysis of untrusted content from the user's application files.
      • Ingestion points: Codebase analysis involving files like package.json, requirements.txt, and .env (referencing references/codebase-analysis.md).
      • Boundary markers: Absent; there are no specific instructions to delimit or ignore instructions that may be embedded within the analyzed files.
      • Capability inventory: The agent can execute shell commands, create cloud resources (web services, databases), and update environment variables.
      • Sanitization: Absent; the skill does not specify a process for validating or escaping content extracted from the codebase before processing it for deployment configuration.
  • [NO_CODE]: The skill does not contain custom executable scripts (such as .js or .py files) that run in the agent's context; it relies on documentation, YAML templates, and instructions to the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/render-oss/cli/main/bin/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 17, 2026, 03:02 PM