brief-app-preview

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No signs of prompt injection or adversarial role-play were detected. The instructions are purely procedural and focus on maintaining quality gates for video production.
  • [SAFE]: The included utility scripts (scripts/bootstrap-experience.ts and scripts/manifest-sync.ts) are well-written Bun/Node.js tools for directory management and indexing. They include security checks, such as preventing operations on symlinks, which is a best practice to avoid directory traversal or symlink-based file overwriting attacks.
  • [SAFE]: No hardcoded credentials or sensitive file path access (like SSH keys or cloud provider configs) were found. All file operations are restricted to the local docs/forsvn/ and .forsvn/ project directories.
  • [SAFE]: No obfuscation techniques (Base64, hex encoding, zero-width characters) are used. All logic is transparent and readable.
  • [SAFE]: There are no remote code execution patterns, external network requests, or unverifiable third-party dependencies. The skill operates autonomously within the local environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — brief-app-preview