coolify

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes commands that take API tokens and credentials as literal/inline arguments (e.g., "coolify context add ... " and "--value "postgres://user:pass@...""), which could require the agent to output secrets verbatim instead of using environment variables or secure stores.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and read application and deployment logs from a Coolify instance (SKILL.md Task B and Task E and the Guidelines: "check coolify app deployments logs" / "check coolify app logs") and also documents creating apps from public Git repos (references/api-reference.md POST /applications/public), meaning the agent will ingest untrusted, user-generated content from third-party repos/build output that can influence follow-up actions.