coolify
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Overall Assessment (SAFE): The skill consists primarily of architectural best practices and placeholder files. No security threats were identified across any analyzed categories.
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in SKILL.md or metadata.
- Data Exposure (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations are present.
- External Dependencies (SAFE): No external packages or remote scripts are downloaded or executed. The provided Python script is a benign placeholder.
- Indirect Prompt Injection (LOW): While the skill suggests fetching live documentation from
coolify.io, this is a standard informational task for technical support skills and does not currently present an automated exploitation path in the provided static files.
Audit Metadata