Security risk report for @forgecat/contains-studio_agents_testing v0.1.0
Source Integrity
Low
Profile is self-contained: it declares no external dependencies and introduces no supply-chain risk.
No instructions to fetch remote code, install untrusted packages, or pull from external repositories.
Static scanner confirms low risk; no suspicious external sources identified.
Agent Intent
Low
Content describes legitimate testing, performance analysis, and workflow optimization practices; it neither instructs the agent to ignore its system instructions nor attempts to manipulate its behavior.
No system prompt leakage instructions; the profile does not ask the agent to reveal, dump, or transmit hidden instructions, tool definitions, or conversation memory.
No guidance poisoning detected; recommendations for tools (k6, Postman, Lighthouse, etc.) are well-known, legitimate packages with no typosquatting, backdoors, or security-weakening directives.
Details
Findings
Invisible characters detected
agents/performance-benchmarker.md · SKILL-011
Evidence
Profile recommends standard tools: 'k6 for modern load testing', 'Postman/Newman for collections', 'Chrome DevTools', 'Lighthouse for automated audits'—all legitimate.
No language attempting to override system instructions or hide the profile's own content from the user.
Permissions
Low
Declared tools (Bash, Read, Write, Grep, WebFetch, MultiEdit, TodoWrite) are appropriate for testing, analysis, and documentation tasks described in the profile.
Tool usage is scoped to legitimate functions: reading test logs, writing reports, running performance tests, fetching documentation—no excessive or unrelated authority.
No rules with alwaysApply=true or glob='**' patterns that would grant unrestricted access; permissions match the stated purpose of API testing, performance benchmarking, and workflow analysis.
Details
Evidence
api-tester agent uses: 'Bash, Read, Write, Grep, WebFetch, MultiEdit'—appropriate for running load tests and analyzing results.
performance-benchmarker uses: 'Bash, Read, Write, Grep, MultiEdit, WebFetch'—scoped to profiling and reporting.
test-results-analyzer uses: 'Read, Write, Grep, Bash, MultiEdit, TodoWrite'—limited to log analysis and report generation.
MCP Risk
Low
No MCP servers are declared in the profile; no external server definitions or tool integrations to evaluate.
Profile contains only markdown agent instructions with no binary execution, arbitrary code loading, or unrestricted network/filesystem access configured.
No hidden instructions embedded in tool descriptions or server configurations.
Details
Evidence
Profile metadata shows '(none)' for MCP servers.
All content is static markdown documentation and agent role descriptions.
No references to external binaries, remote execution, or dynamic tool loading.