What's Changed
Security
env_varslist now honors thekeyparameter (#271, #272 — thanks @artgas1) — the tool schema acceptedkeyon every action, but the threelistbranches ignored it, so the natural "what is FOO set to?" call (action=list,key=FOO,reveal=true) returned every variable on the resource in plaintext instead of the one requested.list+keynow filters the response to that single variable across application / service / database, masked or revealed; withoutkeythe full (masked-by-default) list is unchanged. The tool description now steers callers to always pairrevealwithkeyso a single-value read can never dump the resource's whole secret set again.
Documentation
- README rewritten, 462 → ~130 lines — killed the duplicated Available Tools section (every tool was documented twice), the response-size table, workflow sermons, and mid-page plugs; depth now lives on coolify-mcp.stumason.dev. Removed the "98%+ test coverage" claim: jest computes coverage with
src/lib/mcp-server.ts(the entire tool layer) excluded and enforces an 80% threshold, so the number was misleading. Remaining claims (42 tools, 85% token reduction, response-size reductions, smart lookup) were fact-checked against the codebase and CHANGELOG measurements.
🖱️ One-click Claude Desktop install: download coolify-mcp.mcpb below and drag it into Settings → Extensions.