Security risk report for @forgecat/contains-studio_agents_engineering v0.1.0
Source Integrity: Low
Profile is sourced from a recognized registry (@forgecat namespace) with standard installation instructions.
No suspicious external URLs, typosquatted packages, or attacker-controlled dependencies are referenced.
Agent Intent: Low
Content describes legitimate engineering agent roles (AI engineer, backend architect, DevOps, frontend, mobile, rapid prototyper, test writer) with standard professional responsibilities and best practices.
No instructions attempt to manipulate the AI into ignoring system prompts, exfiltrating credentials, hiding instructions, or installing remote payloads.
No guidance poisoning: recommendations for frameworks (React, Next.js, Kubernetes, Terraform, etc.) and practices (OWASP security, WCAG accessibility, performance optimization) are industry-standard and security-conscious, not deceptive or attacker-serving.
Evidence:
ai-engineer.md: 'Ethical AI Considerations: Bias detection and mitigation, Explainable AI implementations, Privacy-preserving techniques, Content moderation systems'
backend-architect.md: 'Security Implementation: Implementing proper authentication (JWT, OAuth2), Creating role-based access control (RBAC), Validating and sanitizing all inputs, Following OWASP security guidelines'
devops-automator.md: 'Security Automation: Implementing security scanning in CI/CD, Managing secrets with vault systems, Setting up SAST/DAST scanning, Implementing dependency scanning'
Permissions: Low
Declared tools (Write, Read, MultiEdit, Bash, WebFetch, Grep, Glob, Task) are standard code-editing and development utilities appropriate to the stated purpose of engineering agent profiles.
No high-risk categories (shell with alwaysApply=true and globs='**', file_delete, arbitrary binary execution) are present.
Tool authority matches the described function: frontend-developer uses Write/Read/MultiEdit/Bash/Grep/Glob for UI implementation; devops-automator uses Bash/Grep for infrastructure automation; test-writer-fixer uses Task for test execution—all proportionate to their roles.
Evidence:
frontend-developer.md tools: 'Write, Read, MultiEdit, Bash, Grep, Glob' — scoped to UI/component work
devops-automator.md tools: 'Write, Read, MultiEdit, Bash, Grep' — appropriate for CI/CD and infrastructure
rapid-prototyper.md tools: 'Write, MultiEdit, Bash, Read, Glob, Task' — includes Task for project scaffolding, proportionate to rapid development role
MCP Risk: Low
No MCP servers are defined in the profile; the profile is a collection of agent role descriptions and tool configurations only.
No hidden instructions in tool descriptions; all tool descriptions are transparent and aligned with their stated purposes.