Product posture
Pluxx is primarily a local authoring and compilation tool. That means the core workflow normally runs:- in your local workspace
- against the MCPs and files you choose
- through the host coding agents and CLIs you already use
Data handling
Pluxx itself does not operate a required hosted control plane for normal source-project authoring, build, test, or install flows. However, some workflows may involve:- remote MCP endpoints you provide
- host agents you choose to use for semantic refinement
- package registries or marketplaces you use for installation or distribution
MCP record/replay tapes
pluxx mcp proxy --record writes local replay tapes for debugging and CI. Current recordings use a versioned schema and apply Pluxx’s default recursive credential-redaction policy before the file is written. The policy covers common sensitive keys, authorization values, URL credentials and sensitive query parameters, and source-command credential flags. Pluxx does not provide a raw-recording mode.
Redaction does not determine whether arbitrary tool content is private. A tool result may contain customer records, private documents, personal data, or confidential text under an ordinary field name. Treat every tape as potentially sensitive:
- use synthetic values in tests and examples
- review the serialized tape before committing or sharing it
- keep tapes out of public repositories unless their contents are intentionally publishable
- delete local tapes when they are no longer needed
User responsibility
You are responsible for reviewing:- the MCP servers you connect
- the host agents and models you invoke
- any credentials or environment variables you provide
- any third-party services you use alongside Pluxx
- any MCP replay tapes you retain, commit, upload, or share