using-superpowers

Fail

Audited by Socket on Feb 14, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

This file is not directly malicious but is high-risk as a policy: it compels the agent to automatically discover and execute other skills and to transmit checklist items via TodoWrite, which can enable supply-chain attacks and data leakage unless strict controls are added. Recommendations: restrict skill sources to verified/trusted repositories, require explicit user consent before executing skills that request sensitive permissions, implement capability-scoped permission checks, ensure TodoWrite targets are trusted or local, and add audit/logging and an allowlist/denylist for skills. Treat this policy with caution in production.

Confidence: 98%

Audit Metadata

Analyzed At: Feb 14, 2026, 04:48 PM
Package URL: pkg:socket/skills-sh/enuno%2Fclaude-command-and-control%2Fusing-superpowers%2F@78034860aa7d464a3d180eed09306abcf5795e03