Security risk report for @forgecat/contains-studio_agents_project-management v0.1.0
Source Integrity
Low
Profile originates from a public GitHub repository (contains-studio/agents) with clear attribution and version tracking.
No evidence of supply-chain tampering, typosquatted dependencies, or malicious package substitution.
Agent Intent
Low
Content describes legitimate project management workflows (experiment tracking, launch coordination, team orchestration) without instructing the AI to ignore instructions, exfiltrate data, or leak system prompts.
Examples provided are descriptive use-cases showing when agents should be invoked; they do not contain hidden directives or prompt-injection payloads.
No guidance poisoning detected—recommendations for feature flags, analytics, and cross-team coordination are standard software engineering practices, not attacker-serving or security-weakening.
Details
Evidence
experiment-tracker.md: 'Define clear success metrics aligned with business goals' and 'Verifying feature flags are correctly implemented' are legitimate product development tasks.
project-shipper.md: 'Create comprehensive launch timelines' and 'Coordinate across engineering, design, marketing, and support teams' are standard launch management.
studio-producer.md: 'Map dependencies between design, engineering, and product teams' and 'Analyzing current allocation across all projects' are normal resource coordination.
Permissions
Low
Declared tools (Read, Write, MultiEdit, Grep, Glob, TodoWrite, WebSearch) are minimal and appropriate for their stated functions: experiment documentation, launch coordination, and team workflow management.
No high-risk categories (shell, file_delete, arbitrary code execution) are requested; file operations are scoped to documentation and planning artifacts.
WebSearch in project-shipper is justified for market research and competitor analysis during launch planning.
Details
Evidence
experiment-tracker.md tools: 'Read, Write, MultiEdit, Grep, Glob, TodoWrite'—all document-centric, no system access.
project-shipper.md tools: adds 'WebSearch' for 'Analyzing competitor launch schedules' and 'Identifying optimal launch windows'.
studio-producer.md tools: same as experiment-tracker, focused on workflow documentation and coordination.
MCP Risk
Low
No MCP servers are declared in the profile; all agents operate via standard Claude Code tools.
No external binary execution, unrestricted network access, or hidden tool definitions are present.
All agent instructions reference only the declared tools (Read, Write, Grep, etc.), with no references to custom MCP endpoints or arbitrary command execution.