coolify
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation for the Coolify API and deployment workflows. No malicious behaviors, obfuscation, or unauthorized access patterns were identified.
- [COMMAND_EXECUTION]: Includes standard curl and jq command examples for API interaction. These are instructional and rely on user-configured environment variables for the Coolify instance URL and authentication tokens.
- [EXTERNAL_DOWNLOADS]: Mentions Nixpacks and Docker build processes which involve fetching packages from well-known public registries like NPM, Nix, and Apt. This is consistent with the skill's primary purpose and targets well-known services.
- [PROMPT_INJECTION]: No instructions to bypass safety filters or override agent behavior were detected in the skill body or metadata.
- [DATA_EXPOSURE]: No hardcoded secrets or access to sensitive local files were found. The skill correctly demonstrates using environment variables (e.g., $COOLIFY_TOKEN) and secrets management in CI/CD pipelines using GitHub Secrets.
Audit Metadata