using-superpowers

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill employs aggressive, mandatory language (e.g., 'not negotiable', 'ABSOLUTELY MUST', 'cannot rationalize your way out of this') to override the agent's standard reasoning regarding tool usage. By mandating skill invocation for even a '1% chance' of relevance, it intentionally bypasses the agent's internal filtering and safety logic.
  • Indirect Prompt Injection Surface (LOW): The skill creates a broad attack surface by forcing the agent to load and 'follow exactly' content from other skill files before providing any response. This behavior reduces the agent's ability to critically evaluate instructions in those external files.
    Evidence Chain:
    1. Ingestion points: User messages trigger mandatory Skill tool lookups (SKILL.md).
    2. Boundary markers: None present; the skill discourages filtering.
    3. Capability inventory: Invokes the Skill tool and follows resulting instructions 'exactly'.
    4. Sanitization: None; instructions explicitly command the agent not to rationalize or adapt away from the skill's content.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 03:55 PM