coolify

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs using Authorization: Bearer in API calls and curl examples, which would require the agent to insert secret token values verbatim into generated commands/requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md and referenced docs explicitly instruct the agent to call a user-configured Coolify instance (COOLIFY_URL) and API endpoints (e.g., GET /api/v1/applications, reading Dockerfile/docker-compose from repositories) and to delegate "Explore" and "Task" agents to discover and review those application/repository files — i.e., untrusted, user-provided content that the agent must read and that can materially change deployment actions.