TL;DR: As long as you technically ensure to only add data to your backup-repo and not delete anything, you are fine. But as soon as you start to delete things from your backup-repo, you are in principle vulnerable.
As you correctly pointed out, it is important that the potentially attacked server does not have any access to your backup-repo and that you only add data to your backup-repo.
restic forget just deletes snapshot files. If you ensure that you don’t delete anything on your backup-repo, this will not change the backup-repo at all.
If you however also prune (e.g. forget --prune), restic may also recreate some files. This may cause duplicates in your backup-repo (but still your backup-repo will be fine).
Correct. restic backup only adds files and doesn’t delete anything. This is also true for the destination repo within restic copy.
No. As soon as you start to remove data from your backup-repo, an attack could trick you into removing data you actually don’t want to remove.
In your scenario an attacker would have full read and write access to your repository and would be able to trick you into something. For example he could:
- know some security holes within restic and prepare data in your repo to exploit these
- create some fake snapshots to trick your forget and prune runs into removing data you desperately need
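
The second risk in the post above can be checked for before any removal runs. The following is an added example, not part of the original post and not restic's own code: it models a keep-last policy grouped by host and paths, then lists snapshots that would be removed although they are younger than a minimum age. The function names, the host `web01`, the snapshot IDs and the 3-day threshold are assumptions; the record fields follow the output of `restic snapshots --json`.

```python
from datetime import datetime, timedelta, timezone

def keep_last_plan(snapshots, n):
    """Simplified model of a keep-last-n policy: group by (hostname, paths),
    keep the n newest snapshots of each group, mark the rest for removal."""
    groups = {}
    for snap in snapshots:
        groups.setdefault((snap["hostname"], tuple(snap["paths"])), []).append(snap)
    keep, remove = [], []
    for group in groups.values():
        group.sort(key=lambda s: s["time"], reverse=True)
        keep.extend(group[:n])
        remove.extend(group[n:])
    return keep, remove

def too_young_removals(snapshots, n, now, min_age):
    """IDs the policy would remove although they are younger than min_age.
    With a regular schedule this list is empty; entries mean something
    unexpected has pushed recent snapshots out of the keep window."""
    _, remove = keep_last_plan(snapshots, n)
    return sorted(s["id"] for s in remove if now - s["time"] < min_age)

def snap(snap_id, day, hour, minute=0):
    # Constructed sample record; field names follow `restic snapshots --json`.
    return {"id": snap_id, "hostname": "web01", "paths": ["/srv"],
            "time": datetime(2024, 1, day, hour, minute, tzinfo=timezone.utc)}

NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
GENUINE = [snap(f"real-jan{d:02d}", d, 2) for d in range(6, 11)]   # daily at 02:00
INJECTED = [snap(f"fake-{i}", 10, 3, i) for i in range(3)]         # unexpected burst

if __name__ == "__main__":
    for label, snaps in (("normal", GENUINE), ("with injected", GENUINE + INJECTED)):
        flagged = too_young_removals(snaps, n=3, now=NOW, min_age=timedelta(days=3))
        print(label, "->", "HOLD forget/prune: " + ", ".join(flagged) if flagged else "ok")
```

A non-empty result is a reason to review the snapshot list by hand before running forget --prune against the backup-repo.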