dokploy
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Bash scripts located in the scripts directory to manage Dokploy resources. These scripts rely on curl to communicate with the API and jq to parse and format the responses.
- [EXTERNAL_DOWNLOADS]: The skill performs outbound network requests via curl to the URL specified in the DOKPLOY_API_URL environment variable (defaulting to http://localhost:3000) to interact with the Dokploy service.
- [SAFE]: The skill provides a configuration command (dokploy-config set) that saves the API URL and API Key to a local plain-text file at ~/.dokployrc. This is standard behavior for developer tools and allows for configuration persistence between sessions.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface Analysis:
- Ingestion points: Data returned from Dokploy API calls (e.g., project names, logs, application details) is ingested via curl in scripts/dokploy.sh and processed by subsequent scripts.
- Boundary markers: There are no specific boundary markers or instructions used to signal to the agent that it should ignore potentially malicious instructions embedded in the API data.
- Capability inventory: The skill provides capabilities to create, update, and delete projects, applications, and domains, as well as set environment variables.
- Sanitization: API responses are parsed using jq before being output, which ensures they are handled as data rather than executable code within the scripts, though the agent must still exercise caution when interpreting the output.
Audit Metadata