Skip to main content

web-deploy

Automates deployment of web applications to platforms like Cloudflare, Vercel, and Netlify, streamlining CI/CD processes.

Install this skill

or
54/100

Security score

The web-deploy skill was audited on Mar 1, 2026 and we found 10 security issues across 4 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 46

Template literal with variable interpolation in command context

SourceSKILL.md
46- GitHub Actions: In YAML file, use: `run: echo "::set-env name=GITHUB_TOKEN::${{ secrets.GITHUB_TOKEN }}"` then `run: gh workflow run deploy.yml`; Example snippet:
high line 58

Template literal with variable interpolation in command context

SourceSKILL.md
58Integrate by setting environment variables in your CI/CD config, e.g., add `env: { API_KEY: ${{ secrets.SERVICE_API_KEY }} }` in GitHub Actions. For multi-platform setups, use a monorepo with separate
medium line 64

Template literal with variable interpolation in command context

SourceSKILL.md
64await fetch('https://api.cloudflare.com/...', { headers: { Authorization: `Bearer ${process.env.CLOUDFLARE_API_TOKEN}` } });
low line 64

Fetch to external URL

SourceSKILL.md
64await fetch('https://api.cloudflare.com/...', { headers: { Authorization: `Bearer ${process.env.CLOUDFLARE_API_TOKEN}` } });
medium line 58

Webhook reference - potential data exfiltration

SourceSKILL.md
58Integrate by setting environment variables in your CI/CD config, e.g., add `env: { API_KEY: ${{ secrets.SERVICE_API_KEY }} }` in GitHub Actions. For multi-platform setups, use a monorepo with separate
low line 64

Access to .env file

SourceSKILL.md
64await fetch('https://api.cloudflare.com/...', { headers: { Authorization: `Bearer ${process.env.CLOUDFLARE_API_TOKEN}` } });
low line 42

External URL reference

SourceSKILL.md
42- Cloudflare Pages: Run `npx wrangler pages deploy ./build --project-name=my-site` to deploy a build folder; API endpoint: POST https://api.cloudflare.com/client/v4/accounts/{account_id}/pages/project
low line 44

External URL reference

SourceSKILL.md
44- Netlify: Command: `netlify deploy --dir=build --prod`; API: POST https://api.netlify.com/api/v1/sites/{site_id}/deploys with form data, using `$NETLIFY_ACCESS_TOKEN`.
low line 58

External URL reference

SourceSKILL.md
58Integrate by setting environment variables in your CI/CD config, e.g., add `env: { API_KEY: ${{ secrets.SERVICE_API_KEY }} }` in GitHub Actions. For multi-platform setups, use a monorepo with separate
low line 64

External URL reference

SourceSKILL.md
64await fetch('https://api.cloudflare.com/...', { headers: { Authorization: `Bearer ${process.env.CLOUDFLARE_API_TOKEN}` } });
Scanned on Mar 1, 2026
View Security Dashboard
Installation guide →
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawdevopsbackenddevops-srebackend-developerfrontend-developerproduct-managergrowth-pmdockergithubvercelnetlifydevelopmentproduct
alphaonedev/openclaw-graph