onestack

SUSPICIOUS: the deployment capability matches the stated purpose and the Dokploy CLI appears official, but the default data flow is to a self-hosted Dokploy instance on a raw IP over HTTP, which is disproportionate for token-based control-plane access. The main risk is insecure transport and credential exposure, not clear malware or deception.