High-risk tools in Coolify MCP Server
13 of the 89 tools in Coolify MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
cancel_deploymentExecuteCancel a deployment. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
deployExecuteDeploy resources by UUID or tag. Supports deploying multiple resources at once using comma-separated values.
-
deploy_applicationExecuteDeploy an application. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
execute_commandExecuteExecute a command in an application container. NOTE: This endpoint is not available in Coolify API and will return an error.
-
restart_applicationExecuteRestart an application. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
restart_databaseExecuteRestart a database. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
restart_serviceExecuteRestart a service. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
start_applicationExecuteStart an application
-
start_databaseExecuteStart a database
-
start_serviceExecuteStart a service
-
stop_applicationExecuteStop an application. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
stop_databaseExecuteStop a database. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
-
stop_serviceExecuteStop a service. When COOLIFY_REQUIRE_CONFIRM=true, requires confirm: true parameter.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.