forth-ai-brand
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No attempts to override system prompts or bypass safety filters were detected. The instructions are strictly focused on enforcing brand and design guidelines.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were identified. Internal document paths referenced (e.g., SSOT/Product/design-doctrine.md) are conceptual within the project structure and not system-sensitive.
- Obfuscation (SAFE): No Base64, zero-width characters, or other encoding techniques intended to hide malicious content were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The tech-stack.md file lists standard, reputable frontend libraries (React, Redux Toolkit, Vite, Tailwind CSS). No remote script execution or piped command-line installers are present.
- Privilege Escalation & Persistence (SAFE): There are no commands related to sudo, administrative access, or persistent system modifications like cron jobs or shell profile edits.
- Dynamic Execution (SAFE): The skill contains static code snippets for UI components and configuration. It does not use eval(), exec(), or any runtime code generation patterns.
Audit Metadata