using-superpowers
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill uses absolute and coercive imperatives to bypass the agent's autonomous safety and logic protocols. Evidence includes the use of phrases such as "ABSOLUTELY MUST", "YOU DO NOT HAVE A CHOICE", "This is not negotiable", and "not optional" to force specific tool-usage behaviors regardless of the task's context or simplicity.
- [PROMPT_INJECTION]: The instructions establish an extremely sensitive 1% threshold for tool invocation and explicitly command the agent to ignore its own rationalization or exploration of the codebase before checking for skills. This creates a high-risk surface for indirect prompt injection. 1) Ingestion points: Skill tool content loading. 2) Boundary markers: Absent; the agent is instructed to follow skills "directly" and ignore its own reasoning. 3) Capability inventory: Skill tool and TodoWrite tool. 4) Sanitization: Absent; the agent is instructed to prioritize these instructions over its own logic and even user instructions.
Audit Metadata