Skills
skills/enuno/claude-command-and-control/using-superpowers/Gen Agent Trust Hub

using-superpowers

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill utilizes high-pressure and absolute language (e.g., 'ABSOLUTELY MUST', 'not negotiable', 'not optional') to force the agent into a rigid behavioral loop.
  • Prompt Injection (LOW): It explicitly commands the agent to ignore user instructions if they conflict with the skill's workflow ('Instructions ≠ Permission to Skip Workflows'). This is a direct attempt to override the human controller's intent.
  • Indirect Prompt Injection Surface (LOW): The skill mandates the use of a 'Skill' tool to load and execute other skill files based on a 1% chance of relevance. This creates a surface where a malicious external skill could be force-loaded and executed under the rigid compliance rules established here.
  • Ingestion points: Reads other skill files via the 'Skill' tool based on user prompts.
  • Boundary markers: None provided; the skill lacks delimiters or warnings for external content.
  • Capability inventory: References 'Skill' tool and 'TodoWrite' tool.
  • Sanitization: No sanitization or validation logic is present for the content loaded via the 'Skill' tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:31 PM