Security risk report for @forgecat/contains-studio_agents_marketing v0.1.0
Source Integrity
Low
Profile sourced from Contains Studio's public GitHub repository with clear attribution and commit hash.
No evidence of supply-chain tampering, typosquatted dependencies, or malicious package recommendations.
Agent Intent
Low
Content describes legitimate marketing agent personas (ASO, content creation, growth hacking, social media) with no instructions to manipulate the AI, exfiltrate data, or hide instructions.
Guidance is standard marketing best practice (keyword research, content optimization, A/B testing, community engagement) with no poisoned dependencies, security-weakening directives, or backdoored code templates.
No prompt injection, system prompt leakage, or role-hijacking language detected; agents are designed to assist with marketing tasks, not to subvert their own instructions or the user's intent.
Details
Evidence
App-store-optimizer: 'Keyword Research & Strategy', 'Metadata Optimization', 'A/B Testing Priority List' — standard ASO practices.
Reddit-community-builder: '90-9-1 Rule', 'Value-First Framework' — emphasizes authentic engagement and community respect, not manipulation.
TikTok-strategist: 'Viral Mechanics', 'Platform Culture Rules' — trend-based marketing, no instructions to bypass platform policies or deceive users.
Permissions
Low
Declared tools (Write, Read, WebSearch, WebFetch, MultiEdit) are appropriate for marketing agents: content creation, research, and web access align with stated functions.
No high-risk categories (shell, file_delete, file_mutate) or excessive authority; no alwaysApply=true rules with broad globs.
Tool scope matches agent purpose: app-store-optimizer and tiktok-strategist use WebSearch/WebFetch for research; content-creator uses Write for drafting; no unauthorized file system or system command access.
Details
Evidence
app-store-optimizer tools: 'Write, Read, WebSearch, WebFetch, MultiEdit' — limited to content research and drafting.
tiktok-strategist tools: 'Write, Read, WebSearch, WebFetch' — web research and content creation only.
No MCP servers declared; no shell, file_delete, or subagent permissions requested.
MCP Risk
Low
No MCP servers defined in the profile; no external binary execution or unrestricted network/filesystem access.
Tool definitions in agent markdown are descriptive (no hidden instructions or malicious payloads embedded in tool descriptions).
Profile relies on standard Claude Code capabilities (Write, Read, WebSearch, WebFetch) with no custom MCP configuration.
All agent markdown files describe marketing strategies and best practices; no tool descriptions contain obfuscated instructions or references to external payloads.