coolify

Benign overall with moderate security caution. The skill is coherent with its described purpose and uses standard authentication and REST API patterns. Primary concerns: default HTTP endpoint (no TLS in default URL) may expose tokens if used in insecure environments; token retrieval from local files could leak if access controls are lax or shell history is preserved. Recommend enforcing HTTPS in production, pinning/short-lived tokens, and ensuring token files are secured (restrict permissions, avoid logging commands that reveal tokens).