admin-app-coolify

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to collect secrets (root password, Cloudflare API token, SSH key path) and to "export all parameters" for running setup scripts, which implies embedding or handling those secret values verbatim in generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows and scripts explicitly fetch and execute open-web content (e.g., one‑line installers like "curl -fsSL https://raw.githubusercontent.com/.../coolify-enhanced-setup.sh | bash" and "curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash") and call Cloudflare APIs / parse DNS/tunnel responses to drive installation and configuration decisions, so untrusted third‑party content is ingested and can materially influence subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill includes one-line runtime install commands that fetch and execute remote scripts (e.g., curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash), so the external URL is used at runtime to download and run remote code which the installation flow depends on.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs installing Docker CE, configuring system SSH keys/localhost management, running setup scripts and configuring reverse-proxy/certificates — all system-level operations that require sudo/root and modify machine state, so it should be flagged.