Skills
skills/everyinc/compound-engineering-plugin/ce-polish-beta/Gen Agent Trust Hub

ce-polish-beta

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements secure practices for interacting with the local development environment.
  • [COMMAND_EXECUTION]: The skill uses local shell scripts to detect project frameworks (e.g., Next.js, Rails, Vite) and resolve configuration details like ports and package managers. It executes standard development commands (such as npm run dev or bin/dev) based on the detected environment or a user-provided configuration file (.claude/launch.json). This behavior is transparent and aligned with the skill's primary purpose of managing a development server.
  • [DATA_EXPOSURE]: While the skill reads project configuration files and environment files (.env) to identify port settings, it does so using conservative patterns (e.g., regex matching for numeric values) and does not perform any external network operations beyond reachability probes to localhost and IDE-specific protocol handoffs.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 05:44 PM