Patrick Bass Area: Monetization (audit p10) · Surface: /learn/enrol/{slug} (enrol error alert) · Dimension: contrast · Severity: minor
The JS-driven error alert hardcodes #ef4444 for both border and text instead of the semantic --color-danger token used elsewhere on the same page. It happens to read acceptably in both themes because the tinted background is derived from the same red, but it violates the project's token discipline (Law 3 guidance: use semantic tokens so theme changes stay consistent) and could drift from the danger color if the palette is retuned.
Evidence
platform/templates/courses/enrol.php:33-37 `<div id="enrol-error" role="alert" style="... background:rgba(239,68,68,0.12); border:1px solid #ef4444; ... color:#ef4444; ...">`. Uses raw hex instead of `var(--color-danger)` which the rest of the area uses (e.g. enrol.php:45 `<span style="color:var(--color-danger);">*</span>`).Suggested fix. Replace `#ef4444` with `var(--color-danger)` for both the border and text color, matching the required-asterisk styling already in the same template.
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus
