Skip to main content

deploy-render

Offers detailed guidelines for deploying applications on Render.com, including environment setup, database migrations, and best practices.

Install this skill

or
45/100

Security score

The deploy-render skill was audited on Feb 9, 2026 and we found 23 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 75

Template literal with variable interpolation in command context

SourceSKILL.md
75```bash
medium line 202

Template literal with variable interpolation in command context

SourceSKILL.md
202```bash
medium line 351

Template literal with variable interpolation in command context

SourceSKILL.md
351console.log(`Sending email to ${to}`);
medium line 549

Template literal with variable interpolation in command context

SourceSKILL.md
549`https://${request.headers.get('host')}${request.nextUrl.pathname}`,
medium line 645

Curl to non-GitHub URL

SourceSKILL.md
645curl -X POST https://api.render.com/deploy/srv-xxx?key=xxx
low line 95

Webhook reference - potential data exfiltration

SourceSKILL.md
95STRIPE_WEBHOOK_SECRET=whsec_...
medium line 639

Webhook reference - potential data exfiltration

SourceSKILL.md
639**Webhook URL:**
medium line 641

Webhook reference - potential data exfiltration

SourceSKILL.md
641- Copy webhook URL
medium line 17

Access to .env file

SourceSKILL.md
17- [ ] `.gitignore` includes `.env`, `node_modules`, build artifacts
low line 260

Access to .env file

SourceSKILL.md
260const pool = new Pool({ connectionString: process.env.DATABASE_URL });
low line 346

Access to .env file

SourceSKILL.md
346const emailQueue = new Queue('email', process.env.REDIS_URL);
low line 500

Access to .env file

SourceSKILL.md
500key: process.env.LOGDNA_KEY,
low line 502

Access to .env file

SourceSKILL.md
502env: process.env.NODE_ENV
low line 708

Access to .env file

SourceSKILL.md
708- Port binding: app.listen(process.env.PORT || 10000)
low line 81

External URL reference

SourceSKILL.md
81NEXT_PUBLIC_SITE_URL=https://your-app.onrender.com
low line 82

External URL reference

SourceSKILL.md
82NEXTAUTH_URL=https://your-app.onrender.com
low line 89

External URL reference

SourceSKILL.md
89NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
low line 549

External URL reference

SourceSKILL.md
549`https://${request.headers.get('host')}${request.nextUrl.pathname}`,
low line 645

External URL reference

SourceSKILL.md
645curl -X POST https://api.render.com/deploy/srv-xxx?key=xxx
low line 745

External URL reference

SourceSKILL.md
745- [Render Documentation](https://render.com/docs)
low line 746

External URL reference

SourceSKILL.md
746- [render.yaml Reference](https://render.com/docs/yaml-spec)
low line 747

External URL reference

SourceSKILL.md
747- [Deploy Hooks](https://render.com/docs/deploy-hooks)
low line 748

External URL reference

SourceSKILL.md
748- [Health Checks](https://render.com/docs/health-checks)
Scanned on Feb 9, 2026
View Security Dashboard
Installation guide →
GitHub Stars 106
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawbackenddevopsbackend-developerdevops-sreproduct-managergithubgitlabbitbucketdevelopmentproduct
majiayu000/claude-skill-registry