Coolify MCP Server

89 tools. 51 can modify or destroy data without limits.

10 destructive tools with no built-in limits. Policy required.

Last updated:

51 can modify or destroy data
38 read-only
89 tools total

Community server · catalogue entry verified 06/07/2026

How to control Coolify MCP Server ↓

What Coolify MCP Server exposes to your agents

Read (38) Write / Execute (41) Destructive / Financial (10)
Critical Risk

The most dangerous Coolify MCP Server tools

51 of Coolify MCP Server's 89 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Coolify MCP Server

PolicyLayer is an MCP gateway — it sits between your AI agents and Coolify MCP Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "delete_application": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "create_application": {
    "limits": [
      {
        "counter": "create_application_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_application": {
    "limits": [
      {
        "counter": "get_application_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Coolify MCP Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON COOLIFY →

Instant setup, no code required.

All 89 Coolify MCP Server tools

WRITE 28 tools
Write create_application Create a new application Write create_application_env Create an environment variable for an application Write create_database Create a new database. Valid types: postgresql, mysql, mariadb, mongodb, redis, clickhouse, dragonfly, keydb Write create_database_backup Create a backup configuration for a database Write create_dockercompose_application Create a new application from Docker Compose configuration Write create_dockerfile_application Create a new application from a Dockerfile Write create_dockerimage_application Create a new application from a Docker image Write create_environment Create a new environment in a project Write create_github_app Create a new GitHub App configuration Write create_private_deploy_key_application Create a new application from a private Git repository using deploy key authentication Write create_private_github_app_application Create a new application from a private Git repository using GitHub App authentication Write create_private_key Create a new SSH private key Write create_project Create a new project Write create_public_application Create a new public application from a public Git repository Write create_server Create a new server Write create_service Create a new service Write create_service_env Create an environment variable for a service Write update_application Update an application Write update_application_env Update an environment variable for an application Write update_application_envs_bulk Update multiple environment variables for an application in bulk Write update_database Update a database Write update_github_app Update a GitHub App configuration Write update_private_key Update a private key Write update_project Update a project Write update_server Update a server Write update_service Update a service Write update_service_env Update an environment variable for a service Write update_service_envs_bulk Update multiple environment variables for a service in bulk
READ 38 tools
Read get_application Get application details Read get_application_deployments Get all deployments for an application Read get_application_envs Get environment variables for an application Read get_application_logs Get application logs Read get_current_team Get details of the current team Read get_current_team_members Get members of the current team Read get_database Get database details by UUID Read get_database_backups Get backup configurations for a database Read get_database_logs Get logs from a database. NOTE: This endpoint is not available in Coolify API and will return an error. Databa Read get_deployment Get deployment details Read get_environment Get environment details Read get_github_app Get GitHub App details by ID Read get_github_app_repositories Get repositories accessible by a GitHub App Read get_github_app_repository_branches Get branches of a repository accessible by a GitHub App Read get_private_key Get a private key by UUID Read get_project Get project details Read get_server Get server details by UUID Read get_server_domains Get domains configured on a server Read get_server_resources Get server resource usage Read get_service Get service details by UUID Read get_service_envs Get environment variables for a service Read get_service_logs Get logs from a service. NOTE: This endpoint is not available in Coolify API and will return an error. Service Read get_team Get details of a specific team Read get_team_members Get members of a specific team Read get_version Get Coolify version information Read health_check Check Coolify API health status Read list_applications List all applications Read list_databases List all databases Read list_deployments List all deployments Read list_environments List environments in a project Read list_github_apps List all GitHub Apps configured in Coolify Read list_private_keys List all SSH private keys Read list_projects List all projects Read list_resources List all resources (applications, services, databases) Read list_servers List all servers in Coolify Read list_services List all services Read list_teams List all teams accessible to the authenticated user Read validate_server Validate server connection

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Coolify MCP Server

Can an AI agent delete data through the Coolify MCP Server MCP server? +

Yes. The Coolify MCP Server server exposes 10 destructive tools including delete_application, delete_application_env, delete_database. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Coolify MCP Server? +

The Coolify MCP Server server has 28 write tools including create_application, create_application_env, create_database. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Coolify MCP Server.

How many tools does the Coolify MCP Server MCP server expose? +

89 tools across 4 categories: Destructive, Execute, Read, Write. 38 are read-only. 51 can modify, create, or delete data.

How do I enforce a policy on Coolify MCP Server? +

Register the Coolify MCP Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Coolify MCP Server tool call.

Deterministic rules across all 89 Coolify MCP Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

89 Coolify MCP Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.