measure-results

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches updated marketing playbooks from the vendor's official API at api.forsvn.com. This is part of the skill's core functionality to ensure that performance readings are grounded in current platform algorithms. The connection uses HTTPS and originates from the author's own domain hungv47.
  • [COMMAND_EXECUTION]: Utilizes bun to execute local utility scripts for manifest indexing and hosted API interactions. These scripts are project-internal and implement security boundary checks, such as refusing to walk symlinked directories during project scans.
  • [SAFE]: Implements a dedicated Critic agent that enforces a 5-dimension rubric (Attribution, Falsifiability, Honesty, Actionability, Write-back fidelity) to prevent sycophancy and ensure all analytical claims are backed by numbers.
  • [SAFE]: Manages authentication tokens using standard environment variables and local configuration paths (e.g., ~/.config/forsvn/credentials.json), avoiding hardcoded secrets and following standard practice for developer tooling.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:17 PM
Security Audit — agent-trust-hub — measure-results