cocos2d-cli
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill follows best practices for a development tool, performing legitimate project manipulation and UI preview tasks as described.
- [EXTERNAL_DOWNLOADS]: The skill depends on 'playwright', a reputable and well-known library for browser automation. This dependency is used strictly for generating visual previews (screenshots) of UI layouts described in JSON, which is a core feature of the skill.
- [COMMAND_EXECUTION]: The skill provides a suite of CLI commands (tree, get, set, add, etc.) designed to be used by an agent to modify local Cocos Creator project files. These operations are confined to the user's project directory and follow the standard Cocos Creator file formats.
- [SAFE]: The inclusion of a local HTTP server (port 7455) in the editor plugin is a functional requirement for inter-process communication between the CLI and the Cocos Creator editor, allowing the agent to trigger scene refreshes in the open editor. This server is bound to localhost and does not represent an external network risk.
Audit Metadata