coolify-orchestrator

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask for and "save" COOLIFY_ACCESS_TOKEN if not in the environment and to use it in curl commands (Authorization: Bearer ...), which requires including the secret verbatim in generated outputs — a high exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (medium risk: 0.60). This skill explicitly instructs the agent to perform state-changing system operations (SSH into servers, run docker exec, edit container files, provision apps/databases, restart services and run API calls that create/delete resources), so it enables potentially destructive modifications to the machine(s) or infrastructure it manages even though it does not explicitly ask to escalate privileges or create system users.