using-superpowers
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs forceful and absolute language such as "ABSOLUTELY MUST", "NOT NEGOTIABLE", and "YOU DO NOT HAVE A CHOICE", which is intended to coerce the AI agent into following a specific workflow regardless of its internal reasoning or safety evaluations.
- [PROMPT_INJECTION]: It explicitly instructs the agent to ignore its own rationalizations and logical thought processes through a "Red Flags" section that commands the agent to "STOP—you're rationalizing" in favor of strictly adhering to the skill's instructions. This mimics prompt injection techniques used to bypass operational constraints.
- [PROMPT_INJECTION]: The skill mandates tool invocation (specifically the
Skilltool) before performing any other action, including asking for clarification or exploring a codebase, which overrides the agent's standard conversational flow and safety protocols. This directive increases the attack surface for indirect prompt injection by forcing the loading of external skill files without prior validation.
Audit Metadata