dokploy-api-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests data from a user-supplied Dokploy instance—e.g., scripts/setup.py calls <DOKPLOY_URL>/api/settings.health and /api/trpc/project.all and the SKILL.md/MCP-TOOLS.md instruct the agent to use MCP tools that call the Dokploy API—so untrusted responses from arbitrary external URLs are read and can materially influence actions like project selection and deployment.