render-mcp

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's setup examples and CLI snippets instruct embedding Render API keys/Bearer tokens directly into config files and command arguments (e.g., Authorization headers, export commands), which would require the agent to accept and output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to connect to the public Render MCP endpoint (https://mcp.render.com/mcp) and to call tools such as list_logs(), get_service(), get_metrics(), and query_render_postgres(), which ingest service metadata and user-generated logs/content from the third-party Render service and that content is then used to decide actions (restarts, config changes, deploys), creating a clear path for indirect prompt-injection from untrusted third-party data.