Skills
skills/lumea-labs/polpo-skills/polpo-cloud/Gen Agent Trust Hub

polpo-cloud

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the polpo-ai command-line utility globally via the NPM package registry.
  • [COMMAND_EXECUTION]: Utilizes the polpo CLI for a variety of cloud management tasks, including authentication (polpo login), project deployment (polpo deploy), and log retrieval (polpo cloud-logs). These commands are standard for interacting with the Polpo Cloud platform.
  • [DATA_EXFILTRATION]: The polpo deploy command synchronizes local agent configurations, skills, and memory data from the .polpo/ directory to the Polpo Cloud API at https://api.polpo.sh. This is the intended behavior of the deployment functionality.
  • [CREDENTIALS_UNSAFE]: The skill documents the management of API keys for the Polpo platform and external LLM providers (BYOK). It adheres to security best practices by recommending the use of environment variables or interactive prompts and explicitly warns users against hardcoding secrets in source code or committing them to version control.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 12:20 PM