技能详情(站内镜像,无评论)
作者:Daniel Lummis @daniellummis
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 170 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :良性 · OpenClaw :良性
Package:daniellummis/render-env-guard
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's requirements, instructions, and included script align with its stated purpose (preflight checks of Render service env vars) and do not request unrelated credentials or perform unexpected network activity.
目的
Name/description match the observed behavior: the script uses RENDER_API_KEY to call Render API, resolve a service, pull env vars, and validate keys. Required binaries (curl, python3) are appropriate for the HTTP requests and JSON parsing.
说明范围
SKILL.md and scripts instruct only to call the Render API endpoints, parse service and env-var JSON, and report PASS/FAIL. The script uses only declared/expected environment variables and does not read unrelated system files or send data to third-party endpoints.
安装机制
No install spec; the skill is instruction-only with an included shell script. Nothing is downloaded or installed at runtime by the skill itself.
证书
Only RENDER_API_KEY is required (plus optional Render-specific inputs). No unrelated credentials or unexpected secrets are requested. The RENDER_API_KEY is used appropriately to authenticate API calls.
持久
always is false and the skill does not attempt to persist configuration or modify other skills. Autonomous invocation is allowed by default but is normal and not excessive here.
综合结论
This skill appears coherent and safe for its stated purpose. Before installing, ensure you: (1) provide a Render API key with least privilege necessary (read access for services/env-vars), (2) store RENDER_API_KEY securely in your CI secret store so it is not exposed in logs, and (3) review any custom RENDER_API_BASE_URL you might set. The script does not exfiltrate values to third parties and only calls Render's API, but do not run it on untr…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Render Env Guard」。简介:Preflight-check Render service environment variables before deploys; catches mi…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/daniellummis/render-env-guard/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: render-env-guard
description: Preflight-check Render service environment variables before deploys; catches missing keys and placeholder/template values that commonly break production rollouts.
version: 1.0.0
metadata: {"openclaw":{"requires":{"bins":["curl","python3"],"env":["RENDER_API_KEY"]}}}
---
# Render Env Guard
Use this skill when a deployment is failing because environment variables are missing, placeholder values leaked from templates, or service selection is ambiguous.
## What this skill does
- Resolves a Render service by ID or name
- Pulls service environment variables through Render API
- Validates required keys exist and are non-empty
- Flags suspicious values (template placeholders, localhost DB URLs, unexpanded `${VAR}` refs)
- Exits non-zero on any blocking issue so CI/deploy scripts can fail fast
## When to use
- Before `render deploy` / `render blueprint` updates
- After onboarding a new environment
- When runtime is showing config-related 5xx errors
## Inputs
- `RENDER_API_KEY` (required)
- one of:
- `RENDER_SERVICE_ID`
- `RENDER_SERVICE_NAME`
- optional:
- `RENDER_API_BASE_URL` (default `https://api.render.com/v1`)
- `REQUIRED_ENV_KEYS` (comma-separated, default: `DATABASE_URL,DIRECT_URL,SHADOW_DATABASE_URL,NEXT_PUBLIC_APP_URL`)
## Run
```bash
bash scripts/check-render-env.sh
```
or with explicit values:
```bash
RENDER_SERVICE_NAME=my-service
REQUIRED_ENV_KEYS="DATABASE_URL,NEXT_PUBLIC_APP_URL,STRIPE_SECRET_KEY"
bash scripts/check-render-env.sh
```
## Output contract
- Prints a short report with `PASS`/`FAIL`
- Returns exit code `0` when all required keys are valid
- Returns exit code `1` when any key is missing/invalid or service lookup fails
## Notes
- This checker is intentionally strict to prevent bad deploys.
- It validates values at the service level (what Render will inject at runtime), not local `.env` files.